Security Testing Framework for Web Applications

Layla Mohammed Alrawais, Mamdouh Alenezi, Mohammad Akour
ISBN13: 9781668437025 | ISBN10: 1668437023 | EISBN13: 9781668437032
DOI: 10.4018/978-1-6684-3702-5.ch023
Cite Chapter

MLA

Alrawais, Layla Mohammed, et al. "Security Testing Framework for Web Applications." Research Anthology on Agile Software, Software Development, and Testing, edited by Information Resources Management Association, IGI Global, 2022, pp. 453-479. https://doi.org/10.4018/978-1-6684-3702-5.ch023

APA

Alrawais, L. M., Alenezi, M., & Akour, M. (2022). Security Testing Framework for Web Applications. In I. Management Association (Ed.), Research Anthology on Agile Software, Software Development, and Testing (pp. 453-479). IGI Global. https://doi.org/10.4018/978-1-6684-3702-5.ch023

Chicago

Alrawais, Layla Mohammed, Mamdouh Alenezi, and Mohammad Akour. "Security Testing Framework for Web Applications." In Research Anthology on Agile Software, Software Development, and Testing, edited by Information Resources Management Association, 453-479. Hershey, PA: IGI Global, 2022. https://doi.org/10.4018/978-1-6684-3702-5.ch023

Abstract

The use of web-based applications has grown tremendously over the last two decades. While these applications bring huge benefits to society, they suffer from various security threats. Although various techniques exist to ensure the security of web applications, a large number of applications still suffer from a wide variety of attacks, which result in financial losses. In this article, a security-testing framework for web applications is proposed, with the argument that the security of an application should be tested at every stage of the software development life cycle (SDLC). Security testing begins in the requirements engineering phase with a keyword-analysis phase. The output of the first phase serves as input to the next phase. Different case study applications indicate that the framework assists in the early detection of security threats and in applying appropriate security measures. The results obtained from the implementation of the proposed framework demonstrated a high detection ratio with a lower false-positive rate.
