Unified Approach to Vulnerability Analysis of Web Applications
Web vulnerabilities in web-based applications may be detected, classified and documented. Several Web scanners exist for vulnerabilities in Web applications implemented via different technologies. However, none of them provides the technology-independent, generic coverage of possible vulnerabilities...
Saved in:
| Published in | International Electronic Conference on Computer Science (AIP Conference Proceedings Volume 1060) Vol. 1060; pp. 155 - 159 |
|---|---|
| Main Authors | , |
| Format | Journal Article |
| Language | English |
| Published |
01.01.2008
|
| Online Access | Get full text |
| ISBN | 0735405905 9780735405905 |
| ISSN | 0094-243X |
| DOI | 10.1063/1.3037041 |
Cover
| Summary: | Web vulnerabilities in web-based applications may be detected, classified and documented. Several Web scanners exist for vulnerabilities in Web applications implemented via different technologies. However, none of them provides the technology-independent, generic coverage of possible vulnerabilities. In this project that is funded by Mindef Singapore, we propose a new approach for Web application security and vulnerability analysis. The design addresses the categorization of scanner results with a generic data model and the design of a language-independent rule-based engine that detects, analyses and reports suspected vulnerabilities in web-based applications. |
|---|---|
| Bibliography: | SourceType-Scholarly Journals-2 ObjectType-Feature-2 ObjectType-Conference Paper-1 content type line 23 SourceType-Conference Papers & Proceedings-1 ObjectType-Article-3 |
| ISBN: | 0735405905 9780735405905 |
| ISSN: | 0094-243X |
| DOI: | 10.1063/1.3037041 |