Threats and Attacks on E-Commerce Sites

Kannan Balasubramanian (Mepco Schlenk Engineering College, India)
Copyright: © 2016 | Pages: 20
DOI: 10.4018/978-1-5225-0273-9.ch006


This chapter discusses in detail some of the most devastating attacks against Web applications and common tools in the attacker's arsenal. There are many ways of categorizing and classifying attacks: by the complexity of mounting them, the effect they have on the target system, the type of vulnerability they exploit, the assets they expose, the difficulty of detecting and fixing them, and so on. There are different methodologies for Vulnerability Assessment and Threat Analysis (VATA) and many sources to consult for assessing the risk of each attack. Among these sources, this chapter pays special attention to the methodology of the Open Web Application Security Project (OWASP), because OWASP is one of the most active security communities on the Web. Other good resources for following attack and vulnerability trends are Common Vulnerabilities and Exposures (CVE), the National Vulnerability Database (NVD), United States CERT Bulletins (US-CERT), and SANS.
Chapter Preview

Basic Definitions

In this section we define basic concepts that will help the reader better understand the terminology used in the rest of this chapter.
