Web Vulnerability Scanner (WVS): A Tool for detecting Web Application Vulnerabilities
Journal: International Journal of Engineering Research (IJER) (Vol.3, No. 2)Publication Date: 2014-02-01
Authors : Shivam Swarup R.K Kapoor;
Page : 130-135
Keywords : web vulnerability; SQL injection; XSS;
Abstract
In recent years, internet applications have became enormously well-liked, and today they're habitually employed in security-critical environments, like medical, ?nancial, and military systems. Because the use of internet applications has increased, the amount and class of attacks against these applications have also matured. Moreover, the research community primarily targeted on detecting vulnerabilities, which results from insecure information ?ow in internet applications like cross-site scripting and SQL injection have also increased. Injection Attacks exploit vulnerabilities of websites by inserting and executing malicious code (e.g., information query, JavaScript functions) in unsuspecting users, computing surroundings or on a web server. Such attacks compromise user’s information, system resources and cause a significant threat to private and business assets. We tend to investigate and develop a tool Web Vulnerability Scanner (WVS) which queries the vulnerable fragments of applications (written in query and application languages) and are then identi?ed and analyzed o?ine (statically). Results show the effectiveness of our Tool, compared to the present ones in dimensions alike, it has been observed that vulnerabilities go undetected once the existing ways of area unit used; it makes offline analysis of applications time e?cient; and ?nally, it reduces the runtime observation overhead.
Other Latest Articles
- Iris Recognition using Mel-Fequency Cepstral Coefficient
- A New Survey on Block Matching Algorithms in Video Coding
- Thermal Analysis on Butt Welded Aluminium Alloy AA7075 Plate Using FEM
- Study of Different Face Recognition Algorithms and Challenges
- IJER@2014 Page 108 A Portable Wireless ECG Monitoring System using GSM Technique with Real Time Detection of Beat Abnormalities
Last modified: 2014-02-04 21:07:04