Paper
15 January 2025
Comprehensive approach to identifying and mitigating DoS vulnerabilities in PHP: from CVE analysis to model-based automated detection
Shuangli Li
Proceedings Volume 13516, Fourth International Conference on Network Communication and Information Security (ICNCIS 2024); 1351612 (2025) https://doi.org/10.1117/12.3052135
Event: International Conference on Network Communication and Information Security (ICNCIS 2024), 2024, Hangzhou, China
Abstract
As the reliance of businesses and organizations on online operations continues to grow, the importance of addressing software security vulnerabilities becomes increasingly critical. This paper delves into the phenomenon of Denial of Service (DoS) attacks in PHP web applications, focusing on the exploitation of recursive function calls that lead to DoS vulnerabilities. We analyze the causes of DoS vulnerabilities in CVEs to illustrate how such vulnerabilities can be exploited and extract a transferable model from this analysis, highlighting its commonality in web development. Potential attack methods and risks are discussed in detail. Additionally, an automated detection tool has been developed to identify high-risk vulnerability points in developers' code. This research provides valuable insights and practical solutions for PHP developers and security professionals to enhance the resilience of web applications against DoS attacks.
(2025) Published by SPIE. Downloading of the abstract is permitted for personal use only.
Shuangli Li "Comprehensive approach to identifying and mitigating DoS vulnerabilities in PHP: from CVE analysis to model-based automated detection", Proc. SPIE 13516, Fourth International Conference on Network Communication and Information Security (ICNCIS 2024), 1351612 (15 January 2025); https://doi.org/10.1117/12.3052135
KEYWORDS
Model based design
Analytical research
Detection and tracking algorithms
Detector development
Machine learning
Network security
Process modeling