Escrow: A large-scale web vulnerability assessment tool

The reliance on Web applications has increased rapidly over the years. At the same time, the quantity and impact of application security vulnerabilities have grown as well. Amongst these vulnerabilities, SQL Injection has been classified as the most common, dangerous and prevalent web application flaw. In this paper, we propose Escrow, a large-scale SQL Injection detection tool with an exploitation module that is light-weight, fast and platform-independent. Escrow uses a custom search implementation together with a static code analysis module to find potential target web applications. Additionally, it provides a simple to use graphical user interface (GUI) to navigate through a vulnerable remote database. Escrow is implementation-agnostic, i.e. It can perform analysis on any web application regardless of the server-side implementation (PHP, ASP, etc.). Using our tool, we discovered that it is indeed possible to identify and exploit at least 100 databases per 100 minutes, without prior knowledge of their underlying implementation. We observed that for each query sent, we can scan and detect dozens of vulnerable web applications in a short space of time, while providing a means for exploitation. Finally, we provide recommendations for developers to defend against SQL injection and emphasise the need for proactive assessment and defensive coding practices

Development of Photonic Crystal Fiber Based Gas/ Chemical Sensors

The development of highly-sensitive and miniaturized sensors that capable of real-time analytes detection is highly desirable. Nowadays, toxic or colorless gas detection, air pollution monitoring, harmful chemical, pressure, strain, humidity, and temperature sensors based on photonic crystal fiber (PCF) are increasing rapidly due to its compact structure, fast response and efficient light controlling capabilities. The propagating light through the PCF can be controlled by varying the structural parameters and core-cladding materials, as a result, evanescent field can be enhanced significantly which is the main component of the PCF based gas/chemical sensors. The aim of this chapter is to (1) describe the principle operation of PCF based gas/ chemical sensors, (2) discuss the important PCF properties for optical sensors, (3) extensively discuss the different types of microstructured optical fiber based gas/ chemical sensors, (4) study the effects of different core-cladding shapes, and fiber background materials on sensing performance, and (5) highlight the main challenges of PCF based gas/ chemical sensors and possible solutions