HTTP Cookies: Standards, privacy, and politics
ACM Transactions on Internet Technology (TOIT)
Information Security Tech. Report
On automated prepared statement generation to remove SQL injection vulnerabilities
Information and Software Technology
Information Security Management Handbook, Sixth Edition, Volume 2
Information Security Management Handbook, Sixth Edition, Volume 2
Perturbation-based user-input-validation testing of web applications
Journal of Systems and Software
Automated removal of cross site scripting vulnerabilities in web applications
Information and Software Technology
| Hi-index | 0.00 |
The security of web applications is an important issue for any organisation that deploys its own websites. If an organisation takes the required precautions and countermeasures, it can prevent the possible attacks. Otherwise, its critical data, reputation and credibility will be at risk. Nowadays, firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS) provide security at the network layer. However, more than 70% of present world's security attacks exploit the vulnerabilities at the application level. Cross-site scripting, SQL injection, cookie poisoning and forceful browsing are some of the most common website vulnerabilities. Stringent user input validation, proper session management, and exploitation of web application firewalls, etc., can be used as countermeasures to combat the attacks on websites. In this paper, we discuss how attackers can exploit the vulnerabilities of web applications and how we can implement effective countermeasures to secure our web applications.