35 research outputs found

    Formal Analysis of Vulnerabilities of Web Applications Based on SQL Injection (Extended Version)

    We present a formal approach that exploits attacks related to SQL Injection (SQLi) searching for security flaws in a web application. We give a formal representation of web applications and databases, and show that our formalization effectively exploits SQLi attacks. We implemented our approach in a prototype tool called SQLfast and we show its efficiency on real-world case studies, including the discovery of an attack on Joomla! that no other tool can find.

    Signs of a faint disc population at polluted white dwarfs

    Observations of atmospheric metals and dust discs around white dwarfs provide important clues to the fate of terrestrial planetary systems around intermediate mass stars. We present Spitzer IRAC observations of 15 metal polluted white dwarfs to investigate the occurrence and physical properties of circumstellar dust created by the disruption of planetary bodies. We find subtle infrared excess emission consistent with warm dust around KUV 15519+1730 and HS 2132+0941, and weaker excess around the DZ white dwarf G245-58, which, if real, makes it the coolest white dwarf known to exhibit a 3.6 micron excess and the first DZ star with a bright disc. All together our data corroborate a picture where 1) discs at metal-enriched white dwarfs are commonplace and most escape detection in the infrared (possibly as narrow rings), 2) the discs are long lived, having lifetimes on the order of 10^6 yr or longer, and 3) the frequency of bright, infrared detectable discs decreases with age, on a timescale of roughly 500 Myr, suggesting large planetesimal disruptions decline on this same timescale.
    Comment: 11 pages, 6 figures, 5 tables, MNRAS accepted. Minor changes to match published version.

    An interpolation-based method for the verification of security protocols

    Interpolation has been successfully applied in formal methods for model checking and test-case generation for sequential programs. Security protocols, however, exhibit such idiosyncrasies that make them unsuitable to the direct application of interpolation. We address this problem and present an interpolation-based method for security protocol verification. Our method starts from a protocol specification and combines Craig interpolation, symbolic execution and the standard Dolev-Yao intruder model to search for possible attacks on the protocol. Interpolants are generated as a response to search failure in order to prune possible useless traces and speed up the exploration. We illustrate our method by means of concrete examples and discuss the results obtained by using a prototype implementation.

    A comparison of exoplanet spectroscopic retrieval tools

    Over the last several years, spectroscopic observations of transiting exoplanets have begun to uncover information about their atmospheres, including atmospheric composition and indications of the presence of clouds and hazes. Spectral retrieval is the leading technique for interpretation of transmission spectra and is employed by several teams using a variety of forward models and parameter estimation algorithms. However, different model suites have mostly been used in isolation and so it is unknown whether the results from each are comparable. As we approach the launch of the James Webb Space Telescope, we anticipate advances in wavelength coverage, precision, and resolution of transit spectroscopic data, so it is important that the tools that will be used to interpret these information-rich spectra are validated. To this end, we present an intermodel comparison of three retrieval suites: TAUREX, NEMESIS, and CHIMERA. We demonstrate that the forward model spectra are in good agreement (residual deviations on the order of 20-40 ppm), and discuss the results of cross-retrievals among the three tools. Generally, the constraints from the cross-retrievals are consistent with each other and with input values to within 1σ. However, for high precision scenarios with error envelopes of order 30 ppm, subtle differences in the simulated spectra result in discrepancies between the different retrieval suites, and inaccuracies in retrieved values of several σ. This can be considered analogous to substantial systematic/astrophysical noise in a real observation, or errors/omissions in a forward model such as molecular line list incompleteness or missing absorbers.

    Lightning chemistry on Earth-like exoplanets

    AA, PBR and ChH gratefully acknowledge the support of the ERC Starting Grant no. 257431. IW, MR, SNY and JT also gratefully acknowledge the support of the STFC (ST/K502406/1), and the ERC projects ExoMol (26719) and ExoLights (617119).
    We present a model for lightning shock-induced chemistry that can be applied to atmospheres of arbitrary H/C/N/O chemistry, hence for extrasolar planets and brown dwarfs. The model couples hydrodynamics and the STAND2015 kinetic gas-phase chemistry. For an exoplanet analogue to the contemporary Earth, our model predicts NO and NO2 yields in agreement with observation. We predict height-dependent mixing ratios during a storm soon after a lightning shock of NO ≈ 10^-3 at 40 km and NO2 ≈ 10^-4 below 40 km, with O3 reduced to trace quantities (≪10^-10). For an Earth-like exoplanet with a CO2/N2 dominated atmosphere and with an extremely intense lightning storm over its entire surface, we predict significant changes in the amount of NO, NO2, O3, H2O, H2 and predict a significant abundance of C2N. We find that, for the Early Earth, O2 is formed in large quantities by lightning but is rapidly processed by the photochemistry, consistent with previous work on lightning. The chemical effects of persistent global lightning storms are predicted to be significant, primarily due to NO2, with the largest spectral features present at ∼3.4 and ∼6.2 μm. The features within the transmission spectrum are on the order of 1 ppm and therefore are not likely detectable with the James Webb Space Telescope. Depending on its spectral properties, C2N could be a key tracer for lightning on Earth-like exoplanets with a N2/CO2 bulk atmosphere, unless destroyed by yet unknown chemical reactions.