Static and dynamic analysis for web security in industry applications

To apply our analysis work in industry security applications, we are investigating semantic metadata and structural syntax analysis. This paper explains how our approaches achieve the goal in terms of static and dynamic analysis by using industry scenarios. To better explain the framework and roadmap, we describe our approaches by using macro and micro views individually. Macro view oversees syntax structure and identification, while micro view envisions metadata messaging and parser automaton. The coherence of macro and micro views forms web security framework in tracking and validation. Our research applies the security service in industry fraud detection. It demonstrates metadata messaging for tracking, and HIPA code generation for validation. This bridges the gap between static and dynamic analysis. This also builds up the foundation of web security governance.