Welcome to the InfoSci Platform
Reference Hub1
LDAP Vulnerability Detection in Web Applications

LDAP Vulnerability Detection in Web Applications

Hossain Shahriar, Hisham Haddad, Pranahita Bulusu
Copyright: © 2017 |Volume: 8 |Issue: 4 |Pages: 20
ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781522513889|DOI: 10.4018/IJSSE.2017100102
Cite Article Cite Article

MLA

Shahriar, Hossain, et al. "LDAP Vulnerability Detection in Web Applications." IJSSE vol.8, no.4 2017: pp.31-50. http://doi.org/10.4018/IJSSE.2017100102

APA

Shahriar, H., Haddad, H., & Bulusu, P. (2017). LDAP Vulnerability Detection in Web Applications. International Journal of Secure Software Engineering (IJSSE), 8(4), 31-50. http://doi.org/10.4018/IJSSE.2017100102

Chicago

Shahriar, Hossain, Hisham Haddad, and Pranahita Bulusu. "LDAP Vulnerability Detection in Web Applications," International Journal of Secure Software Engineering (IJSSE) 8, no.4: 31-50. http://doi.org/10.4018/IJSSE.2017100102

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Lightweight Directory Access Protocol (LDAP) is commonly used in web applications to provide lookup information and enforcing authentication. Web applications may suffer from LDAP injection vulnerabilities that can lead to security breaches such as login bypass and privilege escalation. This paper1 proposes OCL fault injection-based detection of LDAP injection attacks. The authors extract design-level information and constraints expressed in OCL and then randomly alter them to generate test cases that have the capability to uncover LDAP injection vulnerabilities. The authors proposed approaches to implement test case generation, and they used one open source PHP application and one custom application to evaluate the proposed approach. The analysis shows that this approach can detect LDAP injection vulnerabilities.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.