Neural networks based choice of tools for penetration testing of web applications

Author(s): Artem Tetskyi ◽ Vyacheslav Kharchenko ◽ Dmytro Uzun

2019 ◽ Vol 9 ◽ pp. 47-53
Author(s): Anastasia Melnikova ◽ Igor Karmanov

The relevance of the topic is due to the fact that penetration testing (tests to overcome protection, penetration testing, pentest) is a worldwide popular service in the field of information security. The essence of such work is an authorized attempt to circumvent the existing set of protection means of an information system. During testing, the auditor performs the role of an attacker motivated to violate the information security of the customer's network. In the article, features of penetration testing are thoroughly studied, a detailed analysis of existing foreign solutions in the field of penetration testing is performed, a proprietary technique is developed and recommendations for improving the existing techniques are proposed.


2021 ◽ Vol 5 (3) ◽ pp. 320
Author(s): Alde Alanda ◽ Deni Satria ◽ M.Isthofa Ardhana ◽ Andi Ahmad Dahlan ◽ Hanriyawan Adnan Mooduto

A web application is a very important requirement in the information and digitalization era. With the increasing use of the internet and the growing number of web applications, every web application requires an adequate security level to store information safely and avoid cyber attacks. Web applications go through rapid development phases with short turnaround times, making it challenging to eliminate vulnerabilities. The vulnerability of the web application can be analyzed using the penetration testing method. This research uses penetration testing with the black-box method to test web application security based on the list of most attacks on the Open Web Application Security Project (OWASP), namely SQL Injection. SQL injection allows attackers to obtain unrestricted access to the databases and potentially collect sensitive information from databases. This research randomly tested several websites such as government, schools, and other commercial websites with several techniques of SQL injection attack. Testing was carried out on ten websites randomly by looking for gaps to test security using the SQL injection attack. The results of the testing show that 80% of the websites tested have a weakness against SQL injection attacks. Based on this research, SQL injection is still the most prevalent threat for web applications. Further research can explain detailed information about SQL injection with specific techniques and how to prevent this attack.


2012 ◽ Vol 263-266 ◽ pp. 3017-3020
Author(s): Zong Zhi Zhang ◽ Qiao Yan Wen ◽ Zhao Zhang

The attack of SQL injection is a well-known threat to web applications, which leads to great damage to the confidentiality and integrity of information in databases. Therefore, it is essential for each web application to detect SQL injection vulnerabilities and eliminate the hidden danger. In this paper, an approach based on penetration testing named YUKIER is proposed to achieve higher effectiveness and preciseness in identifying security vulnerabilities. We compare YUKIER with SQLiX and Paros Proxy, and the experiment results demonstrate that our proposed approach has the higher performances with respect to the existing circumstance.


2019 ◽ Vol 8 (4) ◽ pp. 1552-1556

In recent years, with the utilization of web applications, web hacking exercises have grown exponentially. Organizations are confronting extremely critical difficulties in anchoring their web applications from rising cyber threats, as bargain with the assurance issues don't appear to be the right approach. Vulnerability Assessment and Penetration Testing (VAPT) methods help us find these vulnerabilities / security loopholes in our systems even before an intruder could find a way to get it. This helps avoid zero-day exploits. This paper aims to elucidate the overview of Vulnerability Assessment and Penetration Testing and introduce the most efficient open source tools used to perform these tests. This paper also presents a combined VAPT testing methodology that incorporates strengths of several existing approaches, with the goal to understand their utility and benefit the most from the tests.


2020 ◽ pp. 16-20
Author(s): Marina Ozhiganova ◽ Emil Kurtametov

Security of network systems has become a necessity, as more and more important information is stored and used online. The spread of web applications opens up new attack vectors. Traditional security mechanisms, such as firewalls, are not designed to protect web applications and therefore do not provide adequate protection. Current attacks cannot be prevented only by blocking ports 80 (HTTP) and 443 (HTTPS). Preventative measures (such as web application firewall rules) are not always possible. Signature methods for detection are always behind the actual event. Protocol-enforced network firewalls usually provide the first line of defense, delaying most major attacks on the network perimeter. They mainly work on the network, session, and transport layers of the reference network model (OSI). Developers have significantly expanded the capabilities of network firewalls to control the integrity of a wide range of top-level protocols, such as DNS, FTP, HTTP, SMTP, and TFTP. Standard firewalls can help restrict or allow access to network ports. Although application proxy firewalls exist, they cannot understand the specific content of all web applications run by an enterprise. The purpose of this article is to study the features of using machine learning in web application protection. Methods of web application security and learning neural networks were studied. The result of this work is a theoretical overview of the neural network security of a web application.


2017
Author(s): Andysah Putera Utama Siahaan

The strength of a site can be tested in a way to attack. The test is penetration testing. Before a site is released, the security on network and web application must be completely safe and tested. This study aims to find loopholes and flaws in web applications. The object of research is the Universitas Pembangunan Panca Budi site (www.pancabudi.ac.id). This experiment used a simulated attack to test whether the site has adequate security. This penetration will collect information about the power of networking, security holes, and access. The result is the recommendation for security improvement. Concerning the results of penetration, the administrator can fix vulnerabilities that exist on the site.


2019 ◽ Vol 9 (19) ◽ pp. 4131
Author(s): Kang-moon Park ◽ Suk-hoon Shin ◽ Donghoon Shin ◽ Sung-do Chi

A genetic algorithm (GA) is a global search algorithm based on biological genetics. GAs are generally used for industrial applications, artificial neural networks, web applications, the defense industry, and so on. However, it is difficult to apply GAs to more complex situations because of the fixed number of chromosomes. In this research, in order to overcome this limitation, we propose a variable-chromosome GA with a chromosome attachment feature. Verification of the algorithm is carried out through anti-submarine high value unit (HVU) escort mission simulations. Ultimately, it is confirmed that the GA using the variable chromosome is more effective in dealing with highly complex missions, whereby the number of chromosomes gradually increases.

