C
Chung-Hung Tsai
Researcher at National Taiwan University
Publications - 6
Citations - 854
Chung-Hung Tsai is an academic researcher from National Taiwan University. The author has contributed to research in topics: Web application & Web modeling. The author has an hindex of 6, co-authored 6 publications receiving 831 citations.
Papers
More filters
Proceedings ArticleDOI
Securing web application code by static analysis and runtime protection
TL;DR: A lattice-based static analysis algorithm derived from type systems and typestate is created, and its soundness is addressed, thus securing Web applications in the absence of user intervention and reducing potential runtime overhead by 98.4%.
Proceedings ArticleDOI
Verifying Web applications using bounded model checking
TL;DR: BMC offers a more practical approach to verifying programs containing large numbers of variables, but requires fixed program diameters to be complete, and formalizing Web application vulnerabilities as a secure information flow problem with fixed diameter allows for BMC application without drawback.
Patent
System and method for securing web application code and verifying correctness of software
TL;DR: In this article, a software application to be analyzed is transformed into an abstract representation which preserves its information flow properties, and the abstract interpretation is evaluated to identify vulnerabilities using, for example, type qualifiers to associate security levels with variables and/or functions in the application being analyzed and typestate checking.
Patent
Systems and methods for securing Web application code
TL;DR: In this article, a software application to be analyzed is transformed into an abstract representation which preserves its information flow properties, and the abstract interpretation is evaluated to identify vulnerabilities using, for example, type qualifiers to associate security levels with variables and/or functions in the application being analyzed and typestate checking.
Proceedings ArticleDOI
Non-detrimental Web application security scanning
TL;DR: A testing methodology that allows for harmless auditing is introduced, three testing modes - heavy, relaxed, and safe modes are defined, and the results from two experiments are reported.