Inventors:
Jad Boutros - Mountain View CA, US
Srinath Anantharaju - Mountain View CA, US
Damien Miller - Mountain View CA, US
Parisa Tabriz - Mountain View CA, US
Assignee:
Google Inc. - Mountain View CA
International Classification:
H04L 29/06
US Classification:
726 25, 726 22, 726 23, 726 24, 713187, 713188, 709217, 709219, 709224
Abstract:
One embodiment provides a system that detects vulnerabilities in a web application. During operation, the system obtains a web request which is directed to the web application, wherein the web request specifies at least one request parameter. The system then determines whether the web request is a suspicious web request by determining if at least one request parameter matches a known attack. Next, the system determines whether the suspicious web request can cause a vulnerability of the web application to be exploited.