Formal Analysis of Vulnerabilities of Web Applications Based on SQL Injection (Extended Version)

We present a formal approach that exploits attacks related to SQL Injection (SQLi) searching for security flaws in a web application. We give a formal representation of web applications and databases, and show that our formalization effectively exploits SQLi attacks. We implemented our approach in a prototype tool called SQLfast and we show its efficiency on real-world case studies, including the discovery of an attack on Joomla! that no other tool can find

Remote Cell Growth Sensing Using Self-Sustained Bio-Oscillations

A smart sensor system for cell culture real-time supervision is proposed, allowing for a significant reduction in human effort applied to this type of assay. The approach converts the cell culture under test into a suitable “biological” oscillator. The system enables the remote acquisition and management of the “biological” oscillation signals through a secure web interface. The indirectly observed biological properties are cell growth and cell number, which are straightforwardly related to the measured bio-oscillation signal parameters, i.e., frequency and amplitude. The sensor extracts the information without complex circuitry for acquisition and measurement, taking advantage of the microcontroller features. A discrete prototype for sensing and remote monitoring is presented along with the experimental results obtained from the performed measurements, achieving the expected performance and outcomes