A review on web application vulnerability assessment and penetration testing. Ravindran et al., 2022
- Document ID
- 2922815129848598810
- Author
- Ravindran U
- Potukuchi R
- Publication year
- Publication venue
- Review of Computer Engineering Studies
Snippet
Accepted: 22 December 2021. With the increase in the number of internet users, web applications, and user data, there is an increase in the number of hackers all over the world. It is becoming challenging for organizations to ensure the security of the data of their employees …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Ravindran et al. | A review on web application vulnerability assessment and penetration testing. | |
| Patel | A survey on vulnerability assessment & penetration testing for secure communication | |
| Aljabri et al. | Testing and exploiting tools to improve owasp top ten security vulnerabilities detection | |
| Nagendran et al. | Web application penetration testing | |
| Gandikota et al. | Web application security through comprehensive vulnerability assessment | |
| Stewart | CompTIA Security+ Review Guide: Exam SY0-601 | |
| Moniruzzaman et al. | Measuring vulnerabilities of bangladeshi websites | |
| Kollepalli et al. | An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications. | |
| Fredj | Spheres: an efficient server-side web application protection system | |
| Lepofsky | The manager's guide to web application security: a concise guide to the weaker side of the web | |
| Garcia-Alfaro et al. | Prevention of cross-site scripting attacks on current web applications | |
| Mohammed et al. | Security of web applications: Threats, vulnerabilities, and protection methods | |
| Bhalme et al. | Cyber attack detection and implementation of prevention methods for web application | |
| Deshpande et al. | Major web application threats for data privacy & security–detection, analysis and mitigation strategies | |
| Krasniqi et al. | Vulnerability Assessment & Penetration Testing: Case study on web application security | |
| Kothawade et al. | Cloud Security: Penetration Testing of Application in Micro-service architecture and Vulnerability Assessment. | |
| Riskhan et al. | Major vulnerabilities of web application in real world scenarios and their prevention | |
| Izagirre | Deception strategies for web application security: application-layer approaches and a testing platform | |
| Rao et al. | A Three-Pronged Approach to Mitigate Web Attacks | |
| Condal Fontanet | Analysis of web applications penetration testing and its realization | |
| Gill et al. | Vulnerability Exploiter for Web Applications | |
| Ghadekar et al. | Efficient web application vulnerabilities detection model | |
| Zatar et al. | Security Analysis in IoT Network APIs An Analytical Study of Vulnerabilities, Attack And Protection Techniques | |
| Cordella | Web application penetration testing: an analysis of a corporate application according to OWASP guidelines | |
| Yergaliyev | Continuous security testing for an existing client-server application | |