512 Hits in 2.9 sec

Common web application attack types and security using ASP.NET

Bojan Jovicic, Dejan Simic
2006 Computer Science and Information Systems  
It explains how to use ASP.NET to provide Web applications security.  ...  It describes the two most common Web application attacks: SQL Injection and Cross Site Scripting, and is based on author's perennial experience in Web application security.  ...  Common Web application attack types Bellow is the list of some of the most common Web attack types: • SQL Injection (a security vulnerability that occurs in the database layer of an application) • Cross-Site  ... 
doi:10.2298/csis0602083j fatcat:hlcrse4s7zayxprw7v6rwmycxa

An Approach to Security, Performance and Bandwidth Issues in ASP. NET Websites

Sahil Mehta, Parminder Singh
2013 International Journal of Computer Applications  
The most two common security holes in the ASP.NET Websites are SQL Injection and Cross Site Scripting.  ...  ASP.NET websites mostly contains server side data bound controls and most of the developers use their default properties leading to performance issues and bandwidth issues.  ... development framework is used to make web applications and websites with the use of HTML, CSS, jQuery and JavaScript.  ... 
doi:10.5120/12239-8460 fatcat:ixsqbk3rlrccve5xic3juy2szu

SASMEDU: Security Assessment Method of Software in Engineering Education

2018 International Journal of Information Technology and Computer Science  
This paper presents a developed testing and evaluation software in order to find out the leakages in the web applications which was developed by using, php and java languages.  ...  Security and usability of web and mobile applications where users share their personal information have become to be a factor about which users should be careful.  ...  Common types of vulnerabilities such as SQLI, XSS, and Web Config are caused by lack of secure code development.  ... 
doi:10.5815/ijitcs.2018.07.01 fatcat:efljrwo5grhete4oh7ptqyocz4

Connection String Parameter Pollution Attacks [chapter]

Chema Alonso, Manuel Fernandez, Alejandro Martín, Antonio Guzmán
2010 Communications in Computer and Information Science  
In 2007 the ranking of the top ten critical vulnerabilities for the security of a system established code injection as the top 2, closely following top 1 XSS attacks.  ...  Actually, the most critical attacks are those that combine XSS techniques to access systems and code injection techniques to access the information.  ...  This architecture is very common, and can be found in widely used CMS systems such as Joomla, Mambo and many others.  ... 
doi:10.1007/978-3-642-16120-9_16 fatcat:s6pnh6d7nzforo7dcg5uvc3epy


Adam Doupé, Weidong Cui, Mariusz H. Jakubowski, Marcus Peinado, Christopher Kruegel, Giovanni Vigna
2013 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13  
Cross-site scripting flaws are one of the most common types of vulnerabilities that are leveraged to compromise a web application and its users.  ...  This paper presents a novel approach to securing legacy web applications by automatically and statically rewriting an application so that the code and data are clearly separated in its web pages.  ...  CNS-0905537, and Secure Business Austria.  ... 
doi:10.1145/2508859.2516708 dblp:conf/ccs/DoupeCJPKV13 fatcat:vrisgrpsdvb45fovnffelttnsy

Cryptography in the Web: The Case of Cryptographic Design Flaws in ASP.NET

Thai Duong, Juliano Rizzo
2011 2011 IEEE Symposium on Security and Privacy  
We show that attackers can abuse multiple cryptographic design flaws to compromise ASP.NET web applications.  ...  Our focus is on ASP.NET, the web application framework developed by Microsoft that powers 25% of all Internet web sites.  ...  original draft; and for conversations that clarified our thinking on this and other matters.  ... 
doi:10.1109/sp.2011.42 dblp:conf/sp/DuongR11 fatcat:l42tjbyykfg6ngy3byqlzyu2y4

Secure E-business Transactions by Securing Web Services

Ahmad Tasnim Siddiqui, Arun Kumar Singh
2012 2012 International Conference on Management of e-Commerce and e-Government  
We can choose any options from protocols based, platform based or message based security. There are securities which can be IIS based, based and SSL etc.  ...  Keywords-web service;web service security; threat to web services; web service security requirements; web service and ebusiness security I. 1 2  ...  It is a very common vulnerability. It uses the technique by which an attacker is able to execute unauthorized SQL commands and queries in a web application.  ... 
doi:10.1109/icmecg.2012.11 fatcat:uyix4mk6nbe2tjuwdfd5c76ini

Evaluating the Security Flaws in Web Applications

Prabhdeep Kaur, Harkamal Kaur
2015 International Journal of Computer Applications  
It is one of the many web attack methods used by hackers to steal data from industries.  ...  It is one of the most usual technique used in present era for application layer attack It is the category of attack that takes the benefit of.  ...  Web Application Security in IIS and ASP.NET Security for Web application starts with the Web server (IIS).  ... 
doi:10.5120/21697-4806 fatcat:5xngxifyfnennaawewsvirajuq

Using Public Vulnerabilities Data to Self-Heal Security Issues in Software Systems

Attiq ur Rehman Jaffar, Muhammad Nadeem, Mamdouh Alenezi, Yasir Javed
2019 ICIC Express Letters  
Web-applications are the main streams these days with regard to software systems requiring an inclusive approach to both prevent and reduce security weaknesses.  ...  Achieving this goal is possible by applying different methods and tools that can ensure security during or after the development of the application.  ...  The authors also gratefully acknowledge the helpful comments and suggestions of the reviewers, which have improved the presentation.  ... 
doi:10.24507/icicel.13.07.557 fatcat:6jvngmc3lndfdlohm7755tp7am

Enhanced Query based Layered Approach Towards Detection and Prevention of Web Attacks

Gaurav Kumar Tak, Gaurav Ojha
2012 Procedia Technology - Elsevier  
The proposed methodology utilizes a multi-tier mechanism to detect SQL attacks while maintaining the speed and user experience of the web application.  ...  There are various kinds of cyber-crimes such as Web attacks, Spam, Phishing Attacks, Information Warfare, Nigerian Scams, and DOS Attacks.  ...  The working of these applications is based on web scripting languages such as PHP, JSP, ASP.NET, Perl and the likes in order to format the image and text embedded into the web page [1] .  ... 
doi:10.1016/j.protcy.2012.05.080 fatcat:4wmozqkggfh3vchspjqpinerpi

Role Based Authentication Schemes for Security Automation

Dharmendra Choukse, Umesh Kumar Singh
2011 Journal of clean energy technologies  
Strict security measures had kept in mind while designing such a system and proper encryption and decryption techniques are used at both ends to prevent any possibility of any third party attacks.  ...  Academy Automation implies to the various different computing hardware and software that can be used to digitally create, manipulate, collect, store, and relay Academy information needed for accomplishing  ...  Force HTTPS is a simple browser security mechanism that web sites or users can use to opt in to stricter error processing, improving the security of HTTPS by preventing network attacks that leverage the  ... 
doi:10.7763/ijcte.2011.v3.283 fatcat:ikad627obzbwjeilczh722lnzi


Lilyana Petkova
2019 Knowledge International Journal  
We will give examples for their implementation in one ASP.NET web application to provide more descriptive perspective of their use!  ...  Nowadays security becomes more important than the content and the SEO of a web application. Due to a lack of protection, the number of attacked websites augments in the past few years.  ...  This tool shows the integrated HTTP security headers and their values on a specific web application and the missing ones with more details on them.  ... 
doi:10.35120/kij3003701p fatcat:m7b3gaj3t5crtpfe4z3bwie2ay

Opportunistic Diversity-Based Detection of Injection Attacks in Web Applications

Wenyu Qu, Wei Huo, Lingyu Wang
2018 EAI Endorsed Transactions on Security and Safety  
At the same time, larger attack surfaces and developers' lack of security proficiency or awareness leave Web applications particularly vulnerable to security attacks.  ...  Finally, we evaluate our approach using a real world Web application.  ...  Acknowledgements Authors with Concordia University were partially supported by the Natural Sciences and Engineering Research Council of Canada under Discovery Grant N01035.  ... 
doi:10.4108/eai.11-12-2018.156032 fatcat:4rbyn3sgfnctboeft44ng5f7zu

Security-aware selection of Web Services for Reliable Composition [article]

Shahedeh Khani, Cristina Gacek, Peter Popov
2015 arXiv   pre-print
It is a measure of Availability, Reliability, Maintainability, Safety and Security. The focus of our research is on security of web services.  ...  The selected third party web services may have security vulnerabilities. Vulnerable web services are of limited practical use.  ...  . 75,000 nested elements Table 2 : 2 Preliminary Experimental Results Web Service Security Framework Vulnerability Type Axis2 web service Axis2 web service ASP.Net web service ASP.Net  ... 
arXiv:1510.02391v1 fatcat:qu67eiyllnbgvpsepbm2j3rtmm

The Reality of Applying Security in Web Applications in Academia

Mohamed Al-Ibrahim, Yousef Shams
2014 International Journal of Advanced Computer Science and Applications  
Web applications are used in academic institutions, such as universities, for variety of purposes.  ...  The degree of securing web pages in education systems is measured. The differences among academic institutions on protecting their web applications are discussed.  ...  Since the Internet is open systems and the web applications are increasingly used to deliver critical services, they become a valuable target for security attacks.  ... 
doi:10.14569/ijacsa.2014.051002 fatcat:dw7itolijncfzb3am2a3mrp5a4
« Previous Showing results 1 — 15 out of 512 results