Abstract Views :127 |
PDF Views:0
Authors
Affiliations
1 National Institute of Technical Teacher & Research, Bhopal, IN
Source
International Journal of Engineering Research, Vol 3, No 2 (2014), Pagination: 130-135
Abstract
In recent years, internet applications have became enormously well-liked, and today they're habitually employed in security-critical environments, like medical, financial, and military systems. Because the use of internet applications has increased, the amount and class of attacks against these applications have also matured. Moreover, the research community primarily targeted on detecting vulnerabilities, which results from insecure information flow in internet applications like cross-site scripting and SQL injection have also increased. Injection Attacks exploit vulnerabilities of websites by inserting and executing malicious code (e.g., information query, JavaScript functions) in unsuspecting users, computing surroundings or on a web server. Such attacks compromise user's information, system resources and cause a significant threat to private and business assets. We tend to investigate and develop a tool Web Vulnerability Scanner (WVS) which queries the vulnerable fragments of applications (written in query and application languages) and are then identified and analyzed offline (statically). Results show the effectiveness of our Tool, compared to the present ones in dimensions alike, it has been observed that vulnerabilities go undetected once the existing ways of area unit used; it makes offline analysis of applications time efficient; and finally, it reduces the runtime observation overhead.
Keywords
Web Vulnerability, SQL Injection, XSS.
Full Text