web security
Recently Published Documents


Total documents: 336 (five years: 84)

H-index: 14 (five years: 2)

2022 ◽  
Vol 16 (1) ◽  
pp. 1-62
Author(s):  
Nampoina Andriamilanto ◽  
Tristan Allard ◽  
Gaëtan Le Guelvouit ◽  
Alexandre Garel

Modern browsers give access to several attributes that can be collected to form a browser fingerprint. Although browser fingerprints have primarily been studied as a web tracking tool, they can contribute to improving the current state of web security by augmenting web authentication mechanisms. In this article, we investigate the adequacy of browser fingerprints for web authentication. We make the link between the digital fingerprints that distinguish browsers and the biological fingerprints that distinguish humans, to evaluate browser fingerprints according to properties inspired by biometric authentication factors. These properties include their distinctiveness, their stability through time, their collection time, their size, and the accuracy of a simple verification mechanism. We assess these properties on a large-scale dataset of 4,145,408 fingerprints composed of 216 attributes and collected from 1,989,365 browsers. We show that, by time-partitioning our dataset, more than 81.3% of our fingerprints are shared by a single browser. Although browser fingerprints are known to evolve, an average of 91% of the attributes of our fingerprints stay identical between two observations, even when separated by nearly six months. About their performance, we show that our fingerprints weigh a dozen kilobytes and take a few seconds to collect. Finally, by processing a simple verification mechanism, we show that it achieves an equal error rate of 0.61%. We enrich our results with the analysis of the correlation between the attributes and their contribution to the evaluated properties. We conclude that our browser fingerprints carry the promise to strengthen web authentication mechanisms.


2022 ◽  
Vol 40 (3) ◽  
pp. 1233-1248
Author(s):  
Abdulwahed Awad Almutairi ◽  
Shailendra Mishra ◽  
Mohammed AlShehri

2022 ◽  
Author(s):  
Joel Coffman ◽  
Zachary Romano ◽  
Jennifer Windsor ◽  
Mathew Vanderpol

2021 ◽  
Vol 7 (2) ◽  
pp. 53
Author(s):  
Mazlina Mahdzar

Purchasing products and services online is an important way of doing business for many tourism and hospitality intermediaries and travel operators. This study aims to examine the relationship linking students' perspective of cognitive factors and their intentions to purchase online airline e-tickets from online travel agencies. Using convenience sampling, a total of 302 survey questionnaires were distributed to hospitality and tourism students in UiTM via Google Form. 245 responses were received and used for data analysis. Regression results revealed that two cognitive factors have significant relationships with students' intentions to purchase airline e-tickets online. These include perceived risks and web security. Of these two attributes, web security has the most significant impact on students' intentions to purchase airline e-tickets online. The study provides insights to online travel operators on the factors to concentrate on in improving their services to customers, as well as assisting them in boosting their sales in the future and achieving customer loyalty.


2021 ◽  
Vol 2 ◽  
pp. 1-9
Author(s):  
Stanislav Dakov ◽  
Anna Malinova

E-commerce security is part of the Web security problems that arise in all business information systems that operate over the Internet. However, in e-commerce security, the dimensions of web security – secrecy, integrity, and availability – are focused on protecting the consumer’s and e-store site’s assets from unauthorized access, use, alteration, or destruction. The paper presents an overview of the recent security issues in e-commerce applications and the usual points the attacker can target, such as the client (data, session, identity); the client computer; the network connection between the client and the web server; the web server; third-party software vendors. Discussed are effective approaches and tools used to address different e-commerce security threats. Special attention is paid to Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), phishing attacks, SQL injection, Man-in-the-middle, bots, denial-of-service, encryption, firewalls, SSL digital signatures, security certificates, PCI compliance. The research outlines and suggests many security solutions and best practices.


2021 ◽  
Author(s):  
Zachary Romano ◽  
Jennifer Windsor ◽  
Mathew VanDerPol ◽  
Joel Coffman

2021 ◽  
Author(s):  
Ali Moradi Vartouni ◽  
Matin Shokri ◽  
Mohammad Teshnehlab

Protecting websites and applications from cyber-threats is vital for any organization. A Web application firewall (WAF) prevents attacks from damaging applications. This provides web security by filtering and monitoring network traffic to protect against attacks. A WAF solution based on anomaly detection can identify zero-day attacks. Deep learning is the state-of-the-art method that is widely used to detect attacks in the anomaly-based WAF area. Although deep learning has demonstrated excellent results on anomaly detection tasks in web requests, there is a trade-off between false-positive and missed-attack rates, which is a key problem in WAF systems. On the other hand, anomaly detection methods suffer from adjusting the threshold level to distinguish attack and normal traffic. In this paper, first we propose a model based on Deep Support Vector Data Description (Deep SVDD), then we compare two feature extraction strategies, one-hot and bigram, on the raw requests. Second, to overcome threshold challenges, we introduce a novel end-to-end algorithm, Auto-Threshold Deep SVDD (ATDSVDD), to determine an appropriate threshold during the learning process. As a result, we compare our model with other deep models on the CSIC-2010 and ECML/PKDD-2007 datasets. Results show ATDSVDD on bigram feature data has better performance in terms of accuracy and generalization.



