{"id":"https://openalex.org/W2066529931","doi":"https://doi.org/10.1109/icacci.2013.6637220","title":"Detecting SOQL-injection vulnerabilities in SalesForce applications","display_name":"Detecting SOQL-injection vulnerabilities in SalesForce applications","publication_year":2013,"publication_date":"2013-08-01","ids":{"openalex":"https://openalex.org/W2066529931","doi":"https://doi.org/10.1109/icacci.2013.6637220","mag":"2066529931"},"language":"en","primary_location":{"id":"doi:10.1109/icacci.2013.6637220","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icacci.2013.6637220","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103350353","display_name":"Amitabh Saxena","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Amitabh Saxena","raw_affiliation_strings":["Accenture Technology Laboratories, India","Accenture Technol. Labs., Bangalore, India"],"affiliations":[{"raw_affiliation_string":"Accenture Technology Laboratories, India","institution_ids":[]},{"raw_affiliation_string":"Accenture Technol. Labs., Bangalore, India","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100748443","display_name":"Shubhashis Sengupta","orcid":"https://orcid.org/0009-0003-8298-0216"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Shubhashis Sengupta","raw_affiliation_strings":["Accenture Technology Laboratories, India","Accenture Technol. Labs., Bangalore, India"],"affiliations":[{"raw_affiliation_string":"Accenture Technology Laboratories, India","institution_ids":[]},{"raw_affiliation_string":"Accenture Technol. Labs., Bangalore, India","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089676593","display_name":"Pradeepkumar Duraisamy","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Pradeepkumar Duraisamy","raw_affiliation_strings":["Accenture Technology Laboratories, India","Accenture Technol. Labs., Bangalore, India"],"affiliations":[{"raw_affiliation_string":"Accenture Technology Laboratories, India","institution_ids":[]},{"raw_affiliation_string":"Accenture Technol. Labs., Bangalore, India","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069263628","display_name":"Vikrant Kaulgud","orcid":"https://orcid.org/0009-0002-9774-6265"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Vikrant Kaulgud","raw_affiliation_strings":["Accenture Technology Laboratories, India","Accenture Technol. Labs., Bangalore, India"],"affiliations":[{"raw_affiliation_string":"Accenture Technology Laboratories, India","institution_ids":[]},{"raw_affiliation_string":"Accenture Technol. Labs., Bangalore, India","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048043105","display_name":"Amit Chakraborty","orcid":"https://orcid.org/0000-0003-4161-1994"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Amit Chakraborty","raw_affiliation_strings":["Accenture Technology Laboratories, India","Accenture Technol. Labs., Bangalore, India"],"affiliations":[{"raw_affiliation_string":"Accenture Technology Laboratories, India","institution_ids":[]},{"raw_affiliation_string":"Accenture Technol. Labs., Bangalore, India","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5103350353"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.4268,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.91175905,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"40","issue":null,"first_page":"489","last_page":"493"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9890000224113464,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.9142781496047974},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8857995271682739},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.853421688079834},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.6585806608200073},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5707005262374878},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.5512698888778687},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5483027100563049},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5246846079826355},{"id":"https://openalex.org/keywords/sql","display_name":"SQL","score":0.5214049816131592},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.4978775978088379},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.496065229177475},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.46415743231773376},{"id":"https://openalex.org/keywords/bytecode","display_name":"Bytecode","score":0.4513031244277954},{"id":"https://openalex.org/keywords/xml","display_name":"XML","score":0.41846784949302673},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3364986181259155},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.24264982342720032},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.24053603410720825},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.22557750344276428},{"id":"https://openalex.org/keywords/query-by-example","display_name":"Query by Example","score":0.179840087890625},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.10497453808784485},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.09962958097457886}],"concepts":[{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.9142781496047974},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8857995271682739},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.853421688079834},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.6585806608200073},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5707005262374878},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.5512698888778687},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5483027100563049},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5246846079826355},{"id":"https://openalex.org/C510870499","wikidata":"https://www.wikidata.org/wiki/Q47607","display_name":"SQL","level":2,"score":0.5214049816131592},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.4978775978088379},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.496065229177475},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.46415743231773376},{"id":"https://openalex.org/C2779818221","wikidata":"https://www.wikidata.org/wiki/Q837330","display_name":"Bytecode","level":3,"score":0.4513031244277954},{"id":"https://openalex.org/C8797682","wikidata":"https://www.wikidata.org/wiki/Q2115","display_name":"XML","level":2,"score":0.41846784949302673},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3364986181259155},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.24264982342720032},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.24053603410720825},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.22557750344276428},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.179840087890625},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.10497453808784485},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.09962958097457886},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icacci.2013.6637220","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icacci.2013.6637220","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7300000190734863}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1484019856","https://openalex.org/W1505465226","https://openalex.org/W1507552563","https://openalex.org/W2044701300","https://openalex.org/W2134429122","https://openalex.org/W2158047578","https://openalex.org/W2167685423","https://openalex.org/W3033482452","https://openalex.org/W4248889516"],"related_works":["https://openalex.org/W4312406950","https://openalex.org/W3188339517","https://openalex.org/W2766465278","https://openalex.org/W2117353399","https://openalex.org/W2184634743","https://openalex.org/W2066529931","https://openalex.org/W2295858576","https://openalex.org/W4387982387","https://openalex.org/W189846524","https://openalex.org/W2899569243"],"abstract_inverted_index":{"The":[0],"two":[1],"most":[2],"common":[3],"web-attacks":[4],"used":[5],"by":[6,38],"hackers":[7],"to":[8,62,72],"steal":[9],"data":[10],"are":[11,18],"SQL-injection":[12],"and":[13,54,102],"cross-site":[14],"scripting":[15],"(XSS).":[16],"These":[17],"examples":[19],"of":[20,50],"taint":[21],"vulnerabilities":[22],"where":[23],"maliciously":[24],"crafted":[25],"code":[26],"(for":[27],"example,":[28],"a":[29,35,57],"SQL":[30],"query)":[31],"is":[32,70,92],"injected":[33],"into":[34],"Web":[36],"application":[37],"embedding":[39],"it":[40,77],"inside":[41],"innocuous":[42],"looking":[43],"user":[44],"inputs.":[45],"We":[46],"present":[47],"the":[48,90],"design":[49],"TRAP":[51,69],"(Taint":[52],"Removal":[53],"Analysis":[55,86],"Platform),":[56],"static":[58],"data-flow":[59],"analysis":[60,91],"tool":[61],"detect":[63],"SOQL-injection":[64],"problems":[65],"in":[66],"SalesForce":[67],"applications.":[68],"designed":[71],"be":[73],"language":[74,82],"independent":[75],"as":[76],"uses":[78],"an":[79],"XML":[80],"intermediate":[81],"called":[83],"STAC":[84,98],"(STatic":[85],"Code),":[87],"on":[88],"which":[89],"done.":[93],"Currently,":[94],"we":[95],"have":[96],"implemented":[97],"compilers":[99],"for":[100],"Apex":[101],"Java.":[103]},"counts_by_year":[{"year":2019,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}