A STUDY ON SECURITY FOR WEB-BASED APPLICATIONS

Authors

  • Nguyễn Sĩ Hòa, The Faculty of Information Technology and Telecommunication, VNU University of Science, Viet Nam
  • Lại Thị Nhung, The Faculty of Basic Science, Namdinh University of Nursing, Viet Nam
  • Đặng Thanh Hải, The Faculty of Information Technology, Dalat University, Viet Nam

DOI:

https://doi.org/10.37569/DalatUniversity.7.2.241(2017)

Keywords:

Security, Web-based applications, Web security.

Abstract

The Internet has been developing extremely rapidly, connecting more than 30% of the world population, with more than 2.2 billion users. It has brought benefits as well as risks. In 2005, the world lost over $445 billion, while Vietnam lost approximately 8,700 billion VNĐ due to cyber attacks, in which 5,226 websites of agencies and businesses in Vietnam were attacked. This is mainly due to hackers' progress, the advent of new technologies, and the fact that today's systems are increasingly complex, making it difficult to manage all risks. Therefore, studying the risks to Web-based applications is an urgent need for organizations deploying web applications on the Internet. In this article, we analyze the most common vulnerabilities of Web-based applications and recommend methods for detecting them.

Published

28-06-2017

Section

Natural Sciences and Technology

How to Cite

Hòa, N. S., Nhung, L. T., & Hải, Đặng T. (2017). A STUDY ON SECURITY FOR WEB-BASED APPLICATIONS. Dalat University Journal of Science, 7(2), 231-246. https://doi.org/10.37569/DalatUniversity.7.2.241(2017)