An efficient algorithm and tool for detecting dangerous website vulnerabilities
H. Long, Tong Anh Tuan, D. Taniar, Nguyen Van Can, Hoang Minh Hue, N. T. K. Son
International Journal of Web and Grid Services, volume 30 1, pages 81-104. Journal Article, published 2020-03-25.
DOI: 10.1504/ijwgs.2020.10027870 (https://doi.org/10.1504/ijwgs.2020.10027870)
Impact factor: 1.0. JCR: Q4 (COMPUTER SCIENCE, INFORMATION SYSTEMS). Region 4, category: Computer Science. Open access: no. Source platform: Semanticscholar.
Citations: 8
Abstract
Web applications are increasingly being developed and applied in most aspects of life. However, there exist a variety of dangerous website security vulnerabilities such as SQL injection and cross-site scripting. This creates the opportunity for hackers to exploit and attack websites for commercial or political purposes or fame. Some research and commercial software have been developed for scanning and detecting those vulnerabilities. In this paper, we present an efficient algorithmic study and tool to detect web security vulnerabilities. Experimental results show that the new method is capable of detecting vulnerabilities with high accuracy. Compared to popular commercial software on the market, our tool has faster performance and can detect a number of less common vulnerabilities such as shell injection or file inclusion.
About the journal:
Web services are providing declarative interfaces to services offered by systems on the Internet, including messaging protocols, standard interfaces, directory services, as well as security layers, for efficient/effective business application integration. Grid computing has emerged as a global platform to support organisations for coordinated sharing of distributed data, applications, and processes. It has also started to leverage web services to define standard interfaces for business services. IJWGS addresses web and grid service technology, emphasising issues of architecture, implementation, and standardisation.