Please use this identifier to cite or link to this item:
http://10.1.7.192:80/jspui/handle/123456789/4896
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Buch, Phenilkumar | - |
dc.date.accessioned | 2014-08-25T07:58:21Z | - |
dc.date.available | 2014-08-25T07:58:21Z | - |
dc.date.issued | 2014-06-01 | - |
dc.identifier.uri | http://hdl.handle.net/123456789/4896 | - |
dc.description.abstract | Web applications have become very common, and the role of web application security has garnered much attention as well. The number of sensitive online resources is increasing day by day, and so is the need to protect these resources. Many web applications are developed without taking care of security aspects and hence they are prone to attacks. Although it is easy to understand and avoid many web vulnerabilities, security awareness is what many web developers lack. Consequently, many web applications exist on the Internet that are vulnerable. For an organisation to identify whether its applications are susceptible to attacks, it must perform regularly scheduled penetration testing, vulnerability assessment and updating of its applications. The major security vulnerabilities that exist in today's web applications include SQL injection, Cross Site Scripting and a few others. These vulnerabilities can be detected automatically. Various methods are used for detection of these vulnerabilities and each of these methods has its own limitations. Black box web application vulnerability scanners are tools that are utilized to determine vulnerabilities in web applications. The vulnerability scanners interact with a web application in a way that is similar to the way in which regular users do. However, various sections of web applications must be accessed and tested by these tools, and as big a part of the application needs to be crawled as possible. An assessment of various black box web vulnerability scanners along with the scanner developed for the current dissertation is also presented here. The evaluation process is composed of testing a scanning technique for different categories of web application vulnerabilities. The tests are performed on various realistic web applications with known vulnerabilities. The results of the evaluation show that the task of crawling is equally important to the overall effectiveness of a scanner as the various vulnerability specific detection algorithms. Many vulnerabilities are not detected by the scanners, and thus further research is warranted to better the automated detection of web application vulnerabilities. | en_US |
dc.publisher | Institute of Technology | en_US |
dc.relation.ispartofseries | 12MCEI36; | - |
dc.subject | Computer 2012 | en_US |
dc.subject | Project Report 2012 | en_US |
dc.subject | Computer Project Report | en_US |
dc.subject | Project Report | en_US |
dc.subject | 12MCEI | en_US |
dc.subject | 12MCEI36 | en_US |
dc.subject | INS | en_US |
dc.subject | INS 2012 | en_US |
dc.subject | CE (INS) | en_US |
dc.title | Web Application Vulnerability Scanner | en_US |
dc.type | Dissertation | en_US |
Appears in Collections: | Dissertation, CE (INS) |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
12MCEI36.pdf | 12MCEI36 | 1.51 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.