Detecting vulnerabilities in website using multiscale approaches: based on case study.

Detailed bibliography
Title: Detecting vulnerabilities in website using multiscale approaches: based on case study.
Authors: Chowdhury, Mudassor Ahmed; Rahman, Mushfiqur; Rahman, Sifatnur
Source: International Journal of Electrical & Computer Engineering (2088-8708); Jun2024, Vol. 14 Issue 3, p2814-2821, 8p
Subjects: SECURE Sockets Layer (Computer network protocol), TRAFFIC patterns, TRAFFIC monitoring, WEB-based user interfaces, CREDIT cards
Abstract: In the realm of modern web applications, security stands as an utmost priority. To address this critical concern, we've developed a versatile Python script with the primary goal of proactively identifying vulnerabilities and thwarting transient attacks. Leveraging various libraries, this tool comprehensively covers a broad spectrum of threats, including SQL injection (SQLi), cross-site scripting (XSS), cross-site request forgery (CSRF), sensitive data leakage, security misconfiguration, distributed denial-of-service (DDoS) vulnerabilities, and secure socket layer (SSL) or transport layer security (TLS). This Python-based solution prioritizes adaptability, ensuring seamless integration of future updates to effectively combat evolving threats. Utilizing innovative methods such as SQLi and XSS payload injection, the script assesses the susceptibility of input fields. And addressing CSRF vulnerabilities, the script generates and validates tokens, fortifying defenses against unauthorized actions. Employing pattern analysis, it combats sensitive data exposure and security misconfigurations, adeptly identifying elements like credit card numbers, passwords, and headers. Furthermore, the script enhances overall security by scrutinizing SSL/TLS protocols and monitoring port accessibility. It reinforces DDoS detection by actively monitoring traffic patterns, identifying anomalies, and proactively averting disruptions. [ABSTRACT FROM AUTHOR]
Copyright of International Journal of Electrical & Computer Engineering (2088-8708) is the property of Institute of Advanced Engineering & Science and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Description
ISSN: 2088-8708
DOI: 10.11591/ijece.v14i3.pp2814-2821