Fang Yu scite author profile

Security remains a major roadblock to universal acceptance of the Web for many kinds of transactions, especially since the recent sharp increase in remotely exploitable vulnerabilities has been attributed to Web application bugs. Many verification tools are discovering previously unknown vulnerabilities in legacy C programs, raising hopes that the same success can be achieved with Web applications. In this paper, we describe a sound and holistic approach to ensuring Web application security. Viewing Web application vulnerabilities as a secure information flow problem, we created a lattice-based static analysis algorithm derived from type systems and typestate, and addressed its soundness. During the analysis, sections of code considered vulnerable are instrumented with runtime guards, thus securing Web applications in the absence of user intervention. With sufficient annotations, runtime overhead can be reduced to zero. We also created a tool named WebSSARI (Web application Security by Static Analysis and Runtime Inspection) to test our algorithm, and used it to verify 230 open-source Web application projects on SourceForge.net, which were selected to represent projects of different maturity, popularity, and scale. 69 contained vulnerabilities and their developers were notified. 38 projects acknowledged our findings and stated their plans to provide patches. Our statistics also show that static analysis reduced potential runtime overhead by 98.4%.

show abstract

Elevated expressions of MMP7, TROP2, and survivin are associated with survival, disease recurrence, and liver metastasis of colon cancer

Zhang

Wang

et al. 2009

Int J Colorectal Dis

166

122

View full text Add to dashboard Cite

show abstract

Stranger: An Automata-Based String Analysis Tool for PHP

2010

View full text Add to dashboard Cite

Abstract. STRANGER is an automata-based string analysis tool for finding and eliminating string-related security vulnerabilities in PHP applications. STRANGER uses symbolic forward and backward reachability analyses to compute the possible values that the string expressions can take during program execution. STRANGER can automatically (1) prove that an application is free from specified attacks or (2) generate vulnerability signatures that characterize all malicious inputs that can be used to generate attacks.

show abstract

The burden of headache in China: validation of diagnostic questionnaire for a population-based survey

Cao

Zhao

et al. 2011

J Headache Pain

View full text Add to dashboard Cite

The objective of this study was to test the validity, in the Chinese population, of the Lifting The Burden diagnostic questionnaire for the purpose of a population-based survey of the burden of headache in China. From all regions of China, a population-based sample of 417 respondents had completed the structured questionnaire in a door-to-door survey conducted by neurologists from local hospitals calling unannounced. They were contacted for re-interview by telephone by headache specialists who were unaware of the questionnaire diagnoses. A screening question ascertained whether headache had occurred in the last year. If they had, the specialists applied their expertise and ICHD-II diagnostic criteria to make independent diagnoses which, as the gold standard, were later compared with the questionnaire diagnoses. There were 18 refusals; 399 interviews were conducted in 202 women and 197 men aged 18–65 years (mean age 44.4 ± 12.6 years). In comparison to the specialists’ diagnoses, the sensitivity, specificity, positive predictive value, negative predictive value and Cohen’s kappa (95% CI) of the questionnaire for the diagnosis of migraine were 0.83, 0.99, 0.83, 0.99 and 0.82 (0.71–0.93), respectively; for the diagnosis of tension-type headache (TTH), they were 0.51, 0.99, 0.86, 0.92 and 0.59 (0.46–0.72), respectively. In conclusion, the questionnaire was accurate and reliable in diagnosing migraine (agreement level excellent), less so, but adequate, for TTH (sensitivity relatively low, false negative rate relatively high and agreement level fair to good). The non-specific features of TTH do not lend themselves well to diagnosis by questionnaire.

show abstract

Symbolic String Verification: An Automata-Based Approach

Bultan

Cova

et al.

View full text Add to dashboard Cite

Abstract. We present an automata-based approach for the verification of string operations in PHP programs based on symbolic string analysis. String analysis is a static analysis technique that determines the values that a string expression can take during program execution at a given program point. This information can be used to verify that string values are sanitized properly and to detect programming errors and security vulnerabilities. In our string analysis approach, we encode the set of string values that string variables can take as automata. We implement all string functions using a symbolic automata representation (MBDD representation from the MONA automata package) and leverage efficient manipulations on MBDDs, e.g., determinization and minimization. Particularly, we propose a novel algorithm for language-based replacement. Our replacement function takes three DFAs as arguments and outputs a DFA. Finally, we apply a widening operator defined on automata to approximate fixpoint computations. If this conservative approximation does not include any bad patterns (specified as regular expressions), we conclude that the program does not contain any errors or vulnerabilities. Our experimental results demonstrate that our approach works quite well in checking the correctness of sanitization operations in real-world PHP applications.

show abstract

MFG‐E8 reverses microglial‐induced neurotoxic astrocyte (A1) via NF‐κB and PI3K‐Akt pathways

Zhang

Zhu

et al. 2018

Journal Cellular Physiology

112

View full text Add to dashboard Cite

Recent evidence have suggested that neuroinflammation and ischemia induce the activation of two different types of reactive astrocytes, termed A1 and A2. Additionally, A1 astrocytes contribute to the death of neurons and oligodendrocytes in neurodegenerative diseases, such as Alzheimer's disease (AD). In the current study, we constructed an Aβ42-activated microglia-conditioned medium to induce A1 astrocytic activation via secretion of interleukin 1α, tumor necrosis factor, and complement component 1q in vitro, and indicated the regulatory role of milk fat globule epidermal growth factor 8 (MFG-E8) on A1/A2 astrocytic alteration through the downregulation of nuclear factor-κB and the upregulation of PI3K-Akt. This study showed that MFG-E8 suppressed A1 astrocytes and holds great potential for the treatment of AD.

show abstract

A study on additional early physiotherapy after stroke and factors affecting functional recovery

Yu¹,

Chen²,

Li³

et al. 2003

Clin Rehabil

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Fang Yu

The Prevalence and Burden of Primary Headaches in China: A Population‐Based Door‐to‐Door Survey

Securing web application code by static analysis and runtime protection

Elevated expressions of MMP7, TROP2, and survivin are associated with survival, disease recurrence, and liver metastasis of colon cancer

Stranger: An Automata-Based String Analysis Tool for PHP

The burden of headache in China: validation of diagnostic questionnaire for a population-based survey

Symbolic String Verification: An Automata-Based Approach

MFG‐E8 reverses microglial‐induced neurotoxic astrocyte (A1) via NF‐κB and PI3K‐Akt pathways

A study on additional early physiotherapy after stroke and factors affecting functional recovery

Contact Info

Product

Resources

About