ABSTRACT
Using ever more sophisticated technologies, administrators have been closing the gaps in their network
periphery defenses, making it more difficult and expensive for hackers to target weaknesses in the
network layer. This fact, coupled with the proliferation of Web-based applications relying on dynamically
generated content, has resulted in a distinct shift by hackers: they are increasingly targeting vulnerabilities
in Web applications. Successful exploitation of these vulnerabilities could compromise the availability,
integrity, and confidentiality of information, with the potential to cause substantial financial loss to
victim organizations.