Detection, Avoidance, and Attack Pattern Mechanisms in Modern Web Application Vulnerabilities: Present and Future Challenges

Shashank Gupta (Department of Computer Engineering, National Institute of Technology Kurukshetra, India) and B. B. Gupta (Department of Computer Engineering, National Institute of Technology Kurukshetra, India)
Copyright: © 2017 | Pages: 43
DOI: 10.4018/IJCAC.2017070101

Abstract

In this paper, we present a comprehensive survey of secure web applications by identifying numerous serious threats faced by several related organizations. Based on this, we summarize the statistics of all emerging web application vulnerabilities by referring to several linked vulnerabilities and their classifications, such as US-CERT, CVE, CWE, NVD, OWASP, etc. In addition, we present a comprehensive survey of the emerging web application weaknesses and discuss the avoidance, detection and attack pattern mechanisms of all critical web threats. Moreover, a detailed comparison is presented for all emerging web application exposures corresponding to certain threat agents, which indicates the level of threat for a recognized vulnerability. In addition, we discuss numerous precautions that can be taken while defining the lifecycle of web applications with hacking tools, and describe ways to launch and utilize safety procedures and regular security controls in a recursive manner.
Article Preview

Motivation

Nowadays, large multinational corporations depend on web applications to extend their business across the public sector, banking sector, e-commerce, IT sector, etc. These web applications are built using advanced web technologies such as AJAX and JavaScript and are hosted on cloud servers. While they are crucial for the business, they are also vulnerable to various types of cyber-attacks. Consequently, such attacks lead to reputation damage, loss of sensitive information, financial loss, etc. Figure 1 illustrates the percentage of web application systems developed using different programming languages, as reported by the Web Application Vulnerability Statistics (2013) (Web application Vulnerability statistics, 2013). The report states that PHP and Java are the most popular web application development technologies. The 'Other' category may include less popular languages such as Perl, Python, etc.

Figure 1. Percentage of web applications developed using different programming language platforms

Several vulnerabilities have affected a large number of web applications in almost every field. Figure 2 shows the statistics for the vulnerabilities that are commonly found in web applications, as reported by White Hat Security (2015) (White Hat, 2015).
