Vulnerabilities of Modern Web Applications

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216275%3A25530%2F17%3A39910668" target="_blank" >RIV/00216275:25530/17:39910668 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.23919/MIPRO.2017.7973616" target="_blank" >http://dx.doi.org/10.23919/MIPRO.2017.7973616</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.23919/MIPRO.2017.7973616" target="_blank" >10.23919/MIPRO.2017.7973616</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Vulnerabilities of Modern Web Applications

Popis výsledku v původním jazyce

The security of modern web applications is becoming increasingly important with their growing usage. As millions of people use these services, the availability, integrity, and confidentiality are critical. This paper describes the process of penetration testing of these applications. The goal of such testing is to detect application flaws and vulnerabilities and to propose a solution to mitigate them. The paper analyses current penetration testing tools and subsequently tests them on a use case web application, build specifically with present security flaws. The process of penetration testing is described in detail and the performance of each tool is evaluated. In the last section, recommended practices to mitigate found flaws are summarized.

Název v anglickém jazyce

Vulnerabilities of Modern Web Applications

Popis výsledku anglicky

The security of modern web applications is becoming increasingly important with their growing usage. As millions of people use these services, the availability, integrity, and confidentiality are critical. This paper describes the process of penetration testing of these applications. The goal of such testing is to detect application flaws and vulnerabilities and to propose a solution to mitigate them. The paper analyses current penetration testing tools and subsequently tests them on a use case web application, build specifically with present security flaws. The process of penetration testing is described in detail and the performance of each tool is evaluated. In the last section, recommended practices to mitigate found flaws are summarized.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2017

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

40th International Convention on Information and Communication Technology, Electronics and Microelectronics, MIPRO 2017 : proceedings

ISBN

978-953-233-092-2

ISSN

—

e-ISSN

neuvedeno

Počet stran výsledku

7

Strana od-do

"1256 "- 1261

Název nakladatele

IEEE (Institute of Electrical and Electronics Engineers)

Místo vydání

New York

Místo konání akce

Opatija

Datum konání akce

22. 5. 2017

Typ akce podle státní příslušnosti

EUR - Evropská akce

Kód UT WoS článku

000426903800220