44,864 Hits in 8.1 sec

A New Approach towards DoS Penetration Testing on Web Services

Andreas Falkenberg, Christian Mainka, Juraj Somorovsky, Jorg Schwenk
2013 2013 IEEE 20th International Conference on Web Services  
We present a new fully automated plugin for the WS-Attacker penetration testing tool implementing major DoS attacks.  ...  In this paper, we investigate an automatic evaluation of Web service specific Denial of Service (DoS) attacks.  ...  ACKNOWLEDGEMENTS We would like to thank the TÜVIT GmbH for giving the opportunity to test the tool on life systems.  ... 
doi:10.1109/icws.2013.72 dblp:conf/icws/FalkenbergMSS13 fatcat:4rnhyl4zwjfk7od6tjcsgp5mru

An Overview of Penetration Testing

Aileen G Bacudio, Xiaohong Yuan, Bei Tseng Bill Chu, Monique Jones
2011 International journal of network security and its applications  
Attacks on web application have increased. Web application security is a big challenge for any organizations as result of increasing attacks.  ...  Vulnerability assessment and Penetration testing are two approaches widely used by organizations to assess web application security. Both solutions are different and complimentary to each other.  ...  INTRODUCTION Web application usage has increased as more and more services are available on the web. A business using Web applications is also increasing day by day.  ... 
doi:10.5121/ijnsa.2011.3602 fatcat:kma6ryeeubawbl4rp2slrwbggy

Analysis of Vulnerability Detection Tool for Web Services

Senthamil Preethi K, Murugan A
2018 International Journal of Engineering & Technology  
The first one is depending on predefined set of web services and next one permits user to identify the workload (User defined web services).  ...  In this paper, proposed a benchmarking method to accessing and comparing the efficiency of vulnerability detection tools in the web service environment.  ...  To describe a workload (Stage1. planning) we utilized the ASIM approach. Benchmark over the penetration testing tools (exhibited on table 1) running on the workload code (Stage2. execution).  ... 
doi:10.14419/ijet.v7i3.12.16499 fatcat:ueegajwx3rfhbbnke6c3e3dgxi

Web Penetration Testing using Nessus and Metasploit Tool

Indraneel Mukhopadhyay, Shilpam Goswami, Eshita Mandal
2014 IOSR Journal of Computer Engineering  
Web Penetration Testing is a tool that is being used widely to see how the website reacts when an vulnerability attack is done.  ...  We have done a survey of some of the web penetration tools that are available and then we have proposed a architecture using nesus and metasploit tool to do scan vulnerabilities of an website.  ...  This paper proposed a new approach to penetration testing that improves both of these steps.  ... 
doi:10.9790/0661-1634126129 fatcat:7rx77efoqzct7dbfunbn643cya

Saudi cloud infrastructure: a security analysis

Wahid Rajeh, Hai Jin, Deqing Zou
2017 Science China Information Sciences  
for security enhancement in downlink cloud-RAN with limited CSI feedback SCIENCE CHINA Information Sciences 60, 040303 (2017); Building a public security service platform for Smart cloud TV Abstract The  ...  This paper explores the direct impact and significance of security in the Software Development Life Cycle (SDLC) through a case study that covers some 70 public domain web and cloud platforms within Saudi  ...  While these automated audits do not offer a one-stop solution to web security, they provide a cost-effective and scalable approach to security awareness.  ... 
doi:10.1007/s11432-016-0322-7 fatcat:nefd3jhchbgipcdcrrr2ok2zay

Proactive Web Server Protocol for Complaint Assessment [article]

G. Vijay Kumar, Ravikumar S. Raykundaliya, Dr. P. Naga Prasad
2014 arXiv   pre-print
The system called proactive vulnerability attack injection tool is suitable for adding new attacks injection vectors, methods to define new protocol states (or) Specification using the interface of tool  ...  The approaches such as fuzzers, Fault injection, vulnerabilities scanners, static vulnerabilities analyzers, Run time prevention mechanisms and software Rejuvenation are identifying the un-patched software  ...  Penetration tests are valuable for several causes: Flooding is a kind of Denial of Service (DoS)  Attack vector determines the Possibility of a attack that is designed in order to bring a network particular  ... 
arXiv:1402.1943v1 fatcat:5y66cagvrzcbjnxojivm3db3nq

VinJect: Sızma Testi ve Güvenlik Açığı Taraması Aracı

2018 Düzce Üniversitesi Bilim ve Teknoloji Dergisi  
Penetration testing plays an important role in the development of secure software products and electronic systems.  ...  This article describes the architecture of the software named VinJect, which is developed for efficient penetration testing and vulnerability scanning.  ...  Ali, Kali Linux-Assuring security by penetration testing. Packt Publishing Ltd, 2014.  ... 
doi:10.29130/dubited.425414 fatcat:b4cyphxeczhq3p6upxqeow7he4

A monitoring and testing framework for critical off-the-shelf applications and services

Nuno Antunes, Francesco Brancati, Andrea Ceccarelli, Andrea Bondavalli, Marco Vieira
2013 2013 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)  
Works towards certifying OTS components are also not new.  ...  Penetration testing is nowadays one of the most used techniques by web developers to detect vulnerabilities in their applications and services.  ... 
doi:10.1109/issrew.2013.6688923 dblp:conf/issre/AntunesBCBV13 fatcat:eyglrygg6rcrfgc4t52wyws5gm

On the Identification of Required Security Controls Suitable for Converged Web and Mobile Applications

Devotha Nyambo,
2016 International Journal of Computing and Digital Systems  
Contemporary development of information systems for service delivery is at the present a matter of bringing together use of web and mobile applications.  ...  As a result, applications are built with ad hoc implementations of security controls depending on context of usage.  ...  The approach used for web application security assessment included dynamic analysis with penetration testing.  ... 
doi:10.12785/ijcds/050105 fatcat:kgznrsviwndohcux25ghskelsu

Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention

Solomon Ogbomon Uwagbole, William J. Buchanan, Lu Fan
2017 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)  
Also, as a test case, we build a web application that expects dictionary word list as vector variables to demonstrate massive quantities of learning data.  ...  The existing solutions of mostly signature approaches were all before the recent challenges of big data mining and at such lacks the functionality and ability to cope with new signatures concealed in web  ...  SQLIA Corpus and Labelling We tested our approach on a web application expecting dictionary word list as a valid input.  ... 
doi:10.23919/inm.2017.7987433 dblp:conf/im/UwagboleBF17 fatcat:lzydjac44bfthiwuuejw4mz2hu

Network Infrastructure Vulnerabilities and Its Mitigation

Debalina Basu
2019 International Journal for Research in Applied Science and Engineering Technology  
Vulnerability Assessment and Penetration Testing can be utilized as a cyber-resistance innovation to give proactive cyber guard.  ...  We portrayed total life cycle of Vulnerability Assessment and Penetration Testing on systems or networks and proactive move made to determine that defencelessness and stop conceivable assault.  ...  Different apparatuses and systems are deployed in this project to perform web application penetration testing, android browser penetration testing, windows system penetration testing.  ... 
doi:10.22214/ijraset.2019.5314 fatcat:lkfrycupwnbx7kvb73xhcarp2e


Farah Abu-Dabaseh, Esraa Alshammari
2018 Figshare  
All resources make it a must to do frequently a penetration test (PT) for the environment and see what can the attacker gain and what is the current environment's vulnerabilities.  ...  This paper reviews some of the automated penetration testing techniques and presents its enhancement over the traditional manual approaches.  ...  Moreover, we can do a Gray hat which is a combined approach to the previous types into a custom test plan [4] .  ... 
doi:10.6084/m9.figshare.6860030 fatcat:mbf4yxzcffcptbb6dsdbkonbde

Securing Web Services

Rami Jaamour
2005 Information Systems Security  
Penetration testing dynamically exercises and scans the Web service deployed on a staging or production server.  ...  In order to test a Web service's vulnerability to DoS attacks caused by heavy loads, such DoS attacks should be simulated in fashion that is suitable to Web services.  ... 
doi:10.1201/1086.1065898x/45528.14.4.20050901/90087.5 fatcat:3iklf5tyuvavxfyor2f46aytdi

Testing Production Systems Safely: Common Precautions in Penetration Testing

Sven Türpe, Jörn Eichler
2009 2009 Testing: Academic and Industrial Conference - Practice and Research Techniques  
Unlike testing in a laboratory or test bed situation, the testing of production systems requires precautions to avoid side effects that might damage or disturb the system, its environment, or its users  ...  This paper outlines safety precautions to be taken when testing production systems. Specifically we discuss precautions for penetration testing aiming at identifying security vulnerabilities.  ...  Testers must ensure they do not cause denial of service by triggering such functions or limit their testing to a domain where lock-out can be handled. 7) Direct Predictable Effects towards the Tester  ... 
doi:10.1109/taicpart.2009.17 fatcat:pryswwgaabbfzifybvpxdht3eu

Page 812 of Criminal Law & Justice Weekly Vol. 163, Issue 41 [page]

1999 Criminal Law & Justice Weekly  
On the last excursion we put the Web to the test and looked for a recent law report.  ...  Subsequently we adopted a more focused approach, going straight to the excellent index of case summaries available on the Swarbrick & Co Web site.  ... 
« Previous Showing results 1 — 15 out of 44,864 results