Preventing medication errors by using a barcode administration system has become prevalent in patient safety. Analyses of data captured by bar code systems provide opportunities to understand the actual situation at the point of care. Our study aims at understanding issues of medication safety as well as investigating measures taken to prevent medication accidents, by analyzing data captured by...

The number and the importance of web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error prone and costly, the need for automated solutions has become evident. Many web applications written in ASP suffer from injection vulnerabil...

Over the past decades, fault injection attacks have been extensively studied due to their capability to efficiently break cryptographic implementations. Fault injection attack models are normally determined by analyzing the cipher structure and finding exploitable spots in non-linear and permutation layers. However, this level of abstraction is often too high to distinguish vulnerable parts of ...

Cross-Site Scripting is one of the major’s attacks described by OWASP. The Cross Site Scripting attack is possible by inserting or changing the programming logic, changing and syntax of HTML elements by code injection attacks. The Web application is XSS Vulnerable when there is no proper input validation. The many web applications like social networking sites are the victims of this attack. Thi...

As GPUs become more pervasive in both scalable high-performance computing systems and safety-critical embedded systems, evaluating and analyzing their resilience will grow increasingly important. As soft errors, such as those caused by high-energy particle strikes, form an important fraction of in-field hardware errors, GPU designers must develop tools and techniques to understand the effect of...

SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability...

Abtract. In order to combat web application security issues, two main aspects must always be considered: Input must be validated, output must be escaped. A lack of input validation can lead to a dangerous injection attack, most prominently known are SQL Injections or command injections, and more recently XPath injections [1]. This paper presents a new way of attack called RegEx Injections/Regul...

Delving into present trends and anticipating future malware trends, a hybrid, SQL on the server-side, JavaScript on the client-side, self-replicating worm based on two-stage quines was designed and implemented on an ad-hoc scenario instantiating a very common software pattern. The proof of concept code combines techniques seen in the wild, in the form of SQL injections leading to cross-site scr...

Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memo...

Fault injection attack models are normally determined by analyzing the cipher structure and finding exploitable spots in non-linear and diffusion layers. However, this level of abstraction is often too high to distinguish vulnerable parts of software implementations, due to specific operations and optimizations. On the other hand, manually analyzing the assembly code requires non-negligible amo...