A Survey on Detection and Prevention of Web Vulnerabilities

CSS is one of the foremost routine vulnerabilities that affect many web applications. XSS attacks are essentially malicious injections (client-side) that are added to an internet page or app through user comments, form submissions, and so on. The most danger behind XSS is that it allows attackers to inject content into the online app. The injected content can modify how it's displayed, forcing the browser to execute the attacker’s code. Web vulnerabilities are developed for scanning whole webpage of internet sites. Vulnerability Assessment is that the process of identifying vulnerabilities in your application’s environment. Vulnerability is defined as a weakness or flaw within the system that permits an attacker or insider to access the system during a way they’re not authorized.

Download Full-text

Predicting Web Vulnerabilities in Web Applications Based on Machine Learning

Communications in Computer and Information Science - Intelligent Technologies and Applications ◽

10.1007/978-981-13-6052-7_41 ◽

2019 ◽

pp. 473-484 ◽

Cited By ~ 1

Author(s):

Muhammad Noman Khalid ◽

Humera Farooq ◽

Muhammad Iqbal ◽

Muhammad Talha Alam ◽

Kamran Rasheed

Keyword(s):

Machine Learning ◽

Web Applications ◽

Web Vulnerabilities

Download Full-text

Session details: Session 6C -- Web Vulnerabilities

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14 ◽

10.1145/3255159 ◽

2014 ◽

Author(s):

Kehuan Zhang

Keyword(s):

Web Vulnerabilities

Download Full-text

Estimation of Web Vulnerabilities Based on Attack Tree and Threat Model Analysis

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2019.7838 ◽

2019 ◽

Vol 16 (5) ◽

pp. 1993-2000

Author(s):

T Aditya Sai Srinivas ◽

Somula Ramasubbareddy ◽

K Govinda

Keyword(s):

Model Analysis ◽

Attack Tree ◽

Threat Model ◽

Web Vulnerabilities

Download Full-text

Web vulnerabilities: identifying patterns and remedies

Network Security ◽

10.1016/s1353-4858(16)30016-2 ◽

2016 ◽

Vol 2016 (2) ◽

pp. 5-10 ◽

Cited By ~ 4

Author(s):

Ian Muscat

Keyword(s):

Web Vulnerabilities

Download Full-text

An OWASP Top Ten Driven Survey on Web Application Protection Methods

10.36227/techrxiv.13265180.v1 ◽

2020 ◽

Author(s):

Ouissem Ben Fredj ◽

omar cheikhrouhou ◽

Moez Krichen ◽

Habib Hamam ◽

Abdelouahid Derhab

Keyword(s):

Web Application ◽

Data Exchange ◽

Web Applications ◽

Sensitive Data ◽

Web Vulnerabilities ◽

Broad Scale

Web applications (WAs) are constantly evolving and deployed at broad scale. However, they are exposed to a variety of attacks. The biggest challenge facing organizations is how to develop a WA that fulfills their requirements with respect to sensitive data exchange, E-commerce, and secure workflows. This paper identifies the most critical web vulnerabilities according to OWASP Top Ten, their corresponding attacks, and their countermeasures. The application of these countermeasures will guarantee the protection of the WAs against the most severe attacks and prevent several unknown exploits.

Download Full-text

Web Client and Web Server approaches to Prevent XSS Attacks

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v4i2b1.3222 ◽

2005 ◽

Vol 4 (2) ◽

pp. 345-352 ◽

Cited By ~ 2

Author(s):

Jyoti Snehi ◽

Dr. Renu Dhir

Keyword(s):

Web Applications ◽

Web Server ◽

Background Process ◽

Web Vulnerabilities ◽

Cross Site

Websites rely completely on complex web applications to deliver content to all users according to set preferences and specific needs. In this manner organizations provide better value to their customers and prospects. Dynamic websites suffer from various vulnerabilities rendering organizations helpless and prone to cross site scripting attacks. Cross Site Scripting attacks are difficult to detect because they are executed as a background process. Cross Site Scripting is the most common web vulnerabilities in existence today which is most exploited issue .In this paper we have presented various approaches used by clients and Server to prevent XSS attacks

Download Full-text

Countering Cross-Site Scripting in Web-based Applications

International Journal of Strategic Information Technology and Applications ◽

10.4018/ijsita.2015010105 ◽

2015 ◽

Vol 6 (1) ◽

pp. 57-68 ◽

Cited By ~ 1

Author(s):

Loye Lynn Ray

Keyword(s):

Web Sites ◽

Web Application ◽

Information Source ◽

Web Application Security ◽

Web Based ◽

Application Security ◽

Dynamic Web ◽

Web Vulnerabilities ◽

Cross Site

Today's dynamic web-based applications have become a normal and critical asset to an organizations business. They come with an increase in the number of web vulnerabilities and attacks. These weaknesses allow hackers to focus their attention on attacking this important information source. The most common vulnerability is cross-site scripting (XSS) and one of the Open Web Application Security project (OWASP) top ten web-threats. XSS occurs when a Web-based application allows untrusted information be accepted and sent back to a browser. Also they can execute scripts within a browser that can deface web sites, redirect users to malicious content and hijack browsers. One reason for this problem was the lack of developers understanding the causes of XSS. In this paper, the authors address the causes of XSS and countermeasures to defense against these threats.

Download Full-text