{"id":"https://openalex.org/W4311695093","doi":"https://doi.org/10.1109/sin56466.2022.9970499","title":"A Secure Design Pattern Approach Toward Tackling Lateral-Injection Attacks","display_name":"A Secure Design Pattern Approach Toward Tackling Lateral-Injection Attacks","publication_year":2022,"publication_date":"2022-11-11","ids":{"openalex":"https://openalex.org/W4311695093","doi":"https://doi.org/10.1109/sin56466.2022.9970499"},"language":"en","primary_location":{"id":"doi:10.1109/sin56466.2022.9970499","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sin56466.2022.9970499","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 15th International Conference on Security of Information and Networks (SIN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013547418","display_name":"Chidera Biringa","orcid":"https://orcid.org/0000-0001-5904-2764"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Chidera Biringa","raw_affiliation_strings":["University of Massachusetts Dartmouth,Dartmouth,USA","University of Massachusetts Dartmouth, Dartmouth, USA"],"affiliations":[{"raw_affiliation_string":"University of Massachusetts Dartmouth,Dartmouth,USA","institution_ids":["https://openalex.org/I100633361"]},{"raw_affiliation_string":"University of Massachusetts Dartmouth, Dartmouth, USA","institution_ids":["https://openalex.org/I100633361"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5039228531","display_name":"G\u00f6khan Kul","orcid":"https://orcid.org/0000-0001-6467-1979"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gokhan Kul","raw_affiliation_strings":["University of Massachusetts Dartmouth,Dartmouth,USA","University of Massachusetts Dartmouth, Dartmouth, USA"],"affiliations":[{"raw_affiliation_string":"University of Massachusetts Dartmouth,Dartmouth,USA","institution_ids":["https://openalex.org/I100633361"]},{"raw_affiliation_string":"University of Massachusetts Dartmouth, Dartmouth, USA","institution_ids":["https://openalex.org/I100633361"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5013547418"],"corresponding_institution_ids":["https://openalex.org/I100633361"],"apc_list":null,"apc_paid":null,"fwci":0.303,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.63349429,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.986299991607666,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7397043704986572},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7041720747947693},{"id":"https://openalex.org/keywords/delegate","display_name":"Delegate","score":0.6472176909446716},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.5727290511131287},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5692117810249329},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5500801205635071},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.4939499497413635},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4577054977416992}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7397043704986572},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7041720747947693},{"id":"https://openalex.org/C143273055","wikidata":"https://www.wikidata.org/wiki/Q2382794","display_name":"Delegate","level":2,"score":0.6472176909446716},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.5727290511131287},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5692117810249329},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5500801205635071},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.4939499497413635},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4577054977416992},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sin56466.2022.9970499","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sin56466.2022.9970499","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 15th International Conference on Security of Information and Networks (SIN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W155384935","https://openalex.org/W1989609831","https://openalex.org/W2060422862","https://openalex.org/W2124418290","https://openalex.org/W2134521102","https://openalex.org/W2158267769","https://openalex.org/W2207832021","https://openalex.org/W2568394246","https://openalex.org/W3030158930","https://openalex.org/W3168881492","https://openalex.org/W3175096569","https://openalex.org/W3183235808","https://openalex.org/W4296746025","https://openalex.org/W6606342502","https://openalex.org/W6666008849","https://openalex.org/W6679960114"],"related_works":["https://openalex.org/W4320018150","https://openalex.org/W2918664383","https://openalex.org/W2040808657","https://openalex.org/W4320855730","https://openalex.org/W106056076","https://openalex.org/W2135200719","https://openalex.org/W2573831620","https://openalex.org/W2085319386","https://openalex.org/W1551379303","https://openalex.org/W2034199088"],"abstract_inverted_index":{"Software":[0],"weaknesses":[1],"that":[2,62],"create":[3],"attack":[4,96],"surfaces":[5],"for":[6],"adversarial":[7],"exploits,":[8],"such":[9],"as":[10],"lateral":[11],"SQL":[12],"injection":[13],"(LSQLi)":[14],"attacks,":[15,44],"are":[16,29],"usually":[17],"introduced":[18],"during":[19],"the":[20,39,88,101],"design":[21,27,61],"phase":[22],"of":[23,42,90,105,110],"software":[24],"development.":[25],"Security":[26],"patterns":[28,48],"sometimes":[30],"applied":[31],"to":[32,38,49,70,115],"tackle":[33],"these":[34,51],"weaknesses.":[35],"However,":[36],"due":[37],"stealthy":[40],"nature":[41],"lateral-based":[43],"employing":[45],"traditional":[46],"security":[47,72],"address":[50,116],"threats":[52],"is":[53],"insufficient.":[54],"Hence,":[55],"we":[56,86],"present":[57],"SEAL,":[58],"a":[59],"secure":[60],"extrapolates":[63],"architectural,":[64],"design,":[65],"and":[66,93,103],"implementation":[67],"abstraction":[68],"levels":[69],"delegate":[71],"strategies":[73],"toward":[74],"tackling":[75],"LSQLi":[76,117],"attacks.":[77,118],"We":[78],"evaluated":[79],"SEAL":[80,111],"using":[81],"case":[82],"study":[83],"software,":[84],"where":[85],"assumed":[87],"role":[89],"an":[91],"adversary":[92],"injected":[94],"several":[95],"vectors":[97],"tasked":[98],"with":[99],"compromising":[100],"confidentiality":[102],"integrity":[104],"its":[106,113],"database.":[107],"Our":[108],"evaluation":[109],"demonstrated":[112],"capacity":[114]},"counts_by_year":[{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}