A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. With a code injection attack (CIA) an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. Fatal injection: a survey of modern code injection attack countermeasures. Cite this article Mitropoulos D, Spinellis D. For attribution, the original author(s), title, publication source (PeerJ Computer Science) and either DOI or URL of the article must be cited. Department of Management Science and Technology, Athens University of Economics and Business, Greece DOI 10.7717/peerj-cs.136 Published Accepted Received Academic Editor Cynthia Irvine Subject Areas Security and Privacy Keywords Application security, Code injection attacks, Countermeasures, Static analysis, Dynamic prevention, Software vulnerabilities, Cross-site scripting Copyright © 2017 Mitropoulos and Spinellis Licence This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, reproduction and adaptation in any medium and for any purpose provided that it is properly attributed.
0 kommentar(er)
