How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores

Wang, Rui; Chen, Shuo; Wang, Xiaofeng; Qadeer, Shaz

doi:10.1109/sp.2011.26

Cited by 78 publications

(50 citation statements)

References 20 publications

(20 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…the primary merits include: (1) clients exclusively should enroll at the enlistment focus once and will utilize admissible administrations in qualified servers; (2) the subject doesn't need a check table; (3) clients will unreservedly settle on their passwords; (4) the calculation and correspondence esteem is to a great degree low; (5) servers and clients can confirm each other; (6) it creates a session enter in understanding by the client and in this way the server; (7) it's a nonce-based topic that doesn't have an overwhelming time-synchronization [15] disadvantage.…”

Section: Related Workmentioning

confidence: 99%

An Efficient Authentication Method For Smart Card Verification In Online

Rao¹,

Udayakumar²,

Khanaa³

2017

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

An Efficient Authentication Method For Smart Card Verification In Online

Rao¹,

Udayakumar²,

Khanaa³

2017

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

“…Wang et al [27] discovered logic vulnerabilities within the checkout procedures, which can be exploited by the attackers to shop for free. Its further research [28] also identified logic vulnerabilities within web-based single-sign-on services.…”

Section: Related Workmentioning

confidence: 99%

Lom: Discovering logic flaws within MongoDB-based web applications

Wen

Yuan

et al. 2016

Int. J. Autom. Comput.

View full text Add to dashboard Cite

“…With the goal of confirming the real dangers that logic vulnerabilities in e-commerce applications pose, we designed responsible proof-of-concept experiments following the example set by Wang et al [30]. Each experiment was performed on a live website that used a vulnerable payment module.…”

Section: Introductionmentioning

confidence: 99%

“…Each technique targets a particular domain of logic vulnerabilities and checks web applications against specifications in the given domain. Wang et al [30,33] are the first to perform security analysis on Cashier-as-aService based e-commerce applications. They found several serious logic vulnerabilities in a few popular e-commerce applications via manual code reviews [30] and proposed a proxybased approach to dynamically secure third-party web service integrations which include the integration of cashiers [33].…”

Section: Introductionmentioning

confidence: 99%

Detecting Logic Vulnerabilities in E-commerce Applications

Sun

2014

Proceedings 2014 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Abstract-E-commerce has become a thriving business model. With easy access to various tools and third-party cashiers, it is straightforward to create and launch e-commerce web applications. However, it remains difficult to create secure ones. While third-party cashiers help bridge the gap of trustiness between merchants and customers, the involvement of cashiers as a new party complicates logic flows of checkout processes. Even a small loophole in a checkout process may lead to financial loss of merchants, thus logic vulnerabilities pose serious threats to the security of e-commerce applications. Performing manual code reviews is challenging because of the diversity of logic flows and the sophistication of checkout processes. Consequently, it is important to develop automated detection techniques. This paper proposes the first static detection of logic vulnerabilities in e-commerce web applications. The main difficulty of automated detection is the lack of a general and precise notion of correct payment logic. Our key insight is that secure checkout processes share a common invariant: A checkout process is secure when it guarantees the integrity and authenticity of critical payment status (order ID, order total, merchant ID and currency). Our approach combines symbolic execution and taint analysis to detect violations of the invariant by tracking tainted payment status and analyzing critical logic flows among merchants, cashiers and users. We have implemented a symbolic execution framework for PHP. In our evaluation of 22 unique payment modules, our tool detected 12 logic vulnerabilities, 11 of which are new. We have also performed successful proof-ofconcept experiments on live websites to confirm our findings.

show abstract

How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores

Cited by 78 publications

References 20 publications

An Efficient Authentication Method For Smart Card Verification In Online

An Efficient Authentication Method For Smart Card Verification In Online

Lom: Discovering logic flaws within MongoDB-based web applications

Detecting Logic Vulnerabilities in E-commerce Applications

Contact Info

Product

Resources

About