Pattern based Web Security Testing

Author(s):  
Paulo J. M. Araújo ◽  
Ana C. R. Paiva
Author(s):  
Josip Bozic ◽  
Bernhard Garn ◽  
Ioannis Kapsalis ◽  
Dimitris Simos ◽  
Severin Winkler ◽  
...  

2016 ◽  
Vol 5 (1) ◽  
pp. 19-28 ◽  
Author(s):  
Imam Riadi ◽  
Eddy Irawan Aristianto

The development of computer security technology is very rapid. Web security is one of the areas that require particular attention because of the abundance of digital crimes conducted over the web. Unrestricted image file upload is a condition in which the process of uploading pictures is not restricted. This can be used by an attacker to retrieve the information that is contained in a system. This research was developed in several stages: data collection, analysis of the current conditions, designing improvements to the program code, testing, and implementation of the resulting patch. Security testing is performed to find out the difference between the conditions before and after the unrestricted image file upload patch is applied. Based on the results of testing done by the penetration testing method, before the unrestricted image file upload patch was applied, 15% of respondents strongly disagreed and 85% did not agree. In testing after the unrestricted image file upload patch was applied, 7.5% of respondents strongly agreed and 92.5% agreed, so it can be concluded that the patch that was developed runs smoothly as expected.


2021 ◽  
Vol 6 (1) ◽  
pp. 83-90
Author(s):  
Mustofa Kamil

Due to the large amount of data stored in web applications and the increasing number of transactions on the web, proper web application security testing is becoming more important day by day, and web applications are an important part of business life. With the increasing complexity of web systems, security testing has become a very necessary and important activity in the life cycle of developing web applications. Web security testing consists of searching for information about the network and the application and looking for holes and weaknesses.


2005 ◽  
Vol 4 (2) ◽  
pp. 393-400
Author(s):  
Pallavali Radha ◽  
G. Sireesha

The data distributor's work is to give sensitive data to a set of presumably trusted third-party agents. The data sent to these third parties becomes available in unauthorized places, such as the web or someone's system, due to data leakage. The distributor must know the way the data was leaked from one or more agents, as opposed to having been independently gathered by other means. Our new proposal on data allocation strategies will improve the probability of identifying leakages along with security attacks, which typically result from unintended behaviors or invalid inputs. Because real-world programs have too many invalid inputs, security testing is labor intensive. The most desirable thing is to automate or partially automate the security-testing process. In this paper we presented a Predicate/Transition nets approach for the automated generation of security tests, using formal threat models to detect the agents using allocation strategies without modifying the original data. The guilty agent is the one who leaks the distributed data. To detect guilty agents more effectively, the idea is to distribute the data intelligently to agents based on sample data requests and explicit data requests. The fake object implementation algorithms will improve the distributor's chance of detecting guilty agents.

