文献一覧: Yuwei LI (著者) - Ceek.jp Altmetrics

3 0 0 0 DISOV: Discovering Second-Order Vulnerabilities Based on Web Application Property Graph

著者: Yu CHEN Zulie PAN Yuanchao CHEN Yuwei LI
出版者: The Institute of Electronics, Information and Communication Engineers
雑誌: IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences (ISSN:09168508)
巻号頁・発行日: vol.E106-A, no.2, pp.133-145, 2023-02-01

Web application second-order vulnerabilities first inject malicious code into the persistent data stores of the web server and then execute it at later sensitive operations, causing severe impact. Nevertheless, the dynamic features, the complex data propagation, and the inter-state dependencies bring many challenges in discovering such vulnerabilities. To address these challenges, we propose DISOV, a web application property graph (WAPG) based method to discover second-order vulnerabilities. Specifically, DISOV first constructs WAPG to represent data propagation and inter-state dependencies of the web application, which can be further leveraged to find the potential second-order vulnerabilities paths. Then, it leverages fuzz testing to verify the potential vulnerabilities paths. To verify the effectiveness of DISOV, we tested it in 13 popular web applications in real-world and compared with Black Widow, the state-of-the-art web vulnerability scanner. DISOV discovered 43 second-order vulnerabilities, including 23 second-order XSS vulnerabilities, 3 second-order SQL injection vulnerabilities, and 17 second-order RCE vulnerabilities. While Black Widow only discovered 18 second-order XSS vulnerabilities, with none second-order SQL injection vulnerability and second-order RCE vulnerability. In addition, DISOV has found 12 0-day second-order vulnerabilities, demonstrating its effectiveness in practice.

2023-02-17 11:33:13
3 + 0 Twitter

1 0 0 0 OA RNA-sequencing Reveals Differentially Expressed Genes of Laying Hens Fed Baihu Decoction Under Heat Shock

著者: Tingting Lu Lihong Li Yuwei Li Xianghui Li
出版者: Japan Poultry Science Association
雑誌: The Journal of Poultry Science (ISSN:13467395)
巻号頁・発行日: vol.60, no.2, pp.2023012, 2023 (Released:2023-05-19)
参考文献数: 52

Egg production, an important economic trait in the poultry industry, is sensitive to heat stress. The hypothalamus is a crucial center for thermoregulation by detecting temperature changes and regulating the autonomic nervous system in poultry. Baihu decoction (BH), which contains four ingredients (Rhizoma Anemarrhenae, Gypsum Fibrosum, Radix Glycyrrhizae, and Semen Oryzae Nonglutinosae), is a traditional Chinese medicinal formula for clearing heat. Our study aimed to investigate the changes in gene transcription levels in the hypothalamus of laying hens treated with heat stress with and without BH using RNA sequencing. A total of 223 differentially expressed genes (DEGs) were identified in the heat-treated group compared with the control group and 613 DEGs were identified in the BH group compared with the heat-treated group. Heat shock led to significant changes in the expression of multiple genes involved in the “neuroactive ligand-receptor interaction” pathway. Moreover, feeding BH led to significant upregulation in the expression of eight genes encoding heat shock proteins (HSPs), which were highlighted as candidates to control the “protein processing in the endoplasmic reticulum (ER)” pathway. These results provide the novel insight that BH responds to heat stress by participating in regulation of the ER signaling pathway and HSPs expression.

2023-05-19 08:42:37
1 + 0 Twitter