
Design & Test of an Advanced Web Security Analysis Tool (AWSAT)

DOI: 10.4236/jsea.2024.175024, PP. 448-461

Keywords: Web Security, Automated Analysis, Vulnerability Assessment, Web Scanning, Cross-Site Scripting, SQL Injection, Cross-Site Request Forgery


Abstract:

Considering the escalating frequency and sophistication of cyber threats targeting web applications, this paper proposes the development of an automated web security analysis tool to address the accessibility gap for non-security professionals. This paper presents the design and implementation of an automated web security analysis tool, AWSAT, aimed at enabling individuals with limited security expertise to effectively assess and mitigate vulnerabilities in web applications. Leveraging advanced scanning techniques, the tool identifies common threats such as Cross-Site Scripting (XSS), SQL Injection, and Cross-Site Request Forgery (CSRF), providing detailed reports with actionable insights. By integrating sample payloads and reference study links, the tool facilitates informed decision-making in enhancing the security posture of web applications. Through its user-friendly interface and robust functionality, the tool aims to democratize web security practices, empowering a wider audience to proactively safeguard against cyber threats.

