An Imperative Analysis of diverse State of Art Solutions for Internet and Web Application Security

2014 ◽  
Keyword(s):  
Web Application ◽  
Web Application Security ◽  
Application Security ◽  
State Of Art

scholarly journals Preventive Measures for Cross Site Request Forgery Attacks on Web-based Applications

2018 ◽  
Vol 7 (4.15) ◽  
pp. 130
Author(s):  
Emil Semastin ◽  
Sami Azam ◽  
Bharanidharan Shanmugam ◽  
Krishnan Kannoorpatti ◽  
Mirjam Jonokman ◽  
...  
Keyword(s):  
Web Application ◽  
Web Applications ◽  
Operating Cycle ◽  
Web Application Security ◽  
Web Based ◽  
Business World ◽  
Application Security ◽  
Server Side ◽  
Combined Solution ◽  
Cross Site Request Forgery

Today’s contemporary business world has incorporated Web Services and Web Applications in its core of operating cycle nowadays and security plays a major role in the amalgamation of such services and applications with the business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the nominated top ten vulnerabilities, nominated by the OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of token through URL.  

DATABASE PROTECTION BASED ON WEB APPLICATION FIREWALL

2021 ◽  
Vol 1 ◽  
pp. 84-90
Author(s):  
Rustam Kh. Khamdamov ◽  
◽  
Komil F. Kerimov ◽  
Keyword(s):  
Web Application ◽  
Web Applications ◽  
Personal Information ◽  
Database Security ◽  
Security Threats ◽  
Web Application Security ◽  
Application Security ◽  
Client Request ◽  
Database Protection ◽  
Information Bank

Web applications are increasingly being used in activities such as reading news, paying bills, and shopping online. As these services grow, you can see an increase in the number and extent of attacks on them, such as: theft of personal information, bank data and other cases of cybercrime. All of the above is a consequence of the openness of information in the database. Web application security is highly dependent on database security. Client request data is usually retrieved by a set of requests that request the application user. If the data entered by the user is not scanned very carefully, you can collect a whole host of types of attacks that use web applications to create security threats to the database. Unfortunately, due to time constraints, web application programmers usually focus on the functionality of web applications, but only few worry about security. This article provides methods for detecting anomalies using a database firewall. The methods of penetration and types of hacks are investigated. A database firewall is proposed that can block known and unknown attacks on Web applications. This software can work in various ways depending on the configuration. There are almost no false positives, and the overhead of performance is relatively small. The developed database firewall is designed to protect against attacks on web application databases. It works as a proxy, which means that requests for SQL expressions received from the client will first be sent to the developed firewall, rather than to the database server itself. The firewall analyzes the request: requests that are considered strange are blocked by the firewall and an empty result is returned to the client.

scholarly journals Pattern Image based Dynamic Framework for Security in Web Application

2021 ◽  
Vol 10 (2) ◽  
pp. 767-780
Keyword(s):  
Web Application ◽  
Image Transmission ◽  
Functional Requirements ◽  
Web Application Security ◽  
Application Security ◽  
Dynamic Framework ◽  
Secure Information ◽  
Authentication System ◽  
A Chain ◽  
Processing Techniques

Web Application Security is one of the most important non functional requirements whenever we build a web application. A chain is just as though it were effective as its weakest relation, as is the case with defence. We might be having very strong applications and might be having very strong infrastructure because one small flaw can break the security. In terms of image based security the image processing techniques are used. The image can be used for authentication of the system like in the present work the image is being used as “pattern image based authentication system”. In majority of the web systems the security can be comprised by visualizing the passwords on runtime or accessing the system by unwanted calls like phishing attacks. In the current work the image based pattern is being used which actually is dynamic in nature like changes after every attempt made by the user either successful or unsuccessful, the patterns are drawn on the basis of the passcode generated. The system works for the manual hacking of the user id and password and also hacking the data by visualization. The developed system is prone to many type of attacks like phishing attack where the attackers shares information over mail, message and other medium to get the secure information from the user. This technique is used to develop an effective web application, and the results show that our method provides a quick and secure image transmission process

scholarly journals Secure ASP.NET Web Application by Discovering Broken Authentication and Session Management Vulnerabilities

2017 ◽  
Vol 10 (2) ◽  
pp. 359-363
Author(s):  
Rupal Sharma ◽  
Ravi Sheth
Keyword(s):  
Web Service ◽  
Web Application ◽  
Web Applications ◽  
The Other ◽  
Web Application Security ◽  
Application Security ◽  
Security Vulnerability ◽  
Session Management ◽  
The Given ◽  
The Web

Today, web application security is most significant battlefield between victim, attacker and resource of web service. The owner of web applications can’t see security vulnerability in web application which develops in ASP.NET. This paper explain one algorithm which aim to identify broken authentication and session management vulnerability. The given method of this paper scan the web application files. The created scanner generator relies on studying the source character of the application limited ASP.NET files and the code be beholden files. A program develop for this motive is to bring about a report which describes vulnerabilities types by mentioning the indict name, disclose description and its location. The aim of the paper is to discover the broken authentication and session management vulnerabilities. The indicated algorithm will uphold organization and developer to repair the vulnerabilities and recover from one end to the other security.

scholarly journals A Complete Strategy For Web Application Security

2020 ◽  
Author(s):  
Hua Xu ◽  
Ronald Glotzbach ◽  
Nathan Hartman
Keyword(s):  
Web Application ◽  
Web Application Security ◽  
Application Security
Sign in / Sign up

Export Citation Format

Share Document