A New Feature to Secure Web Applications

Kohei Kubota, Wai Kyi Kyi Oo, Hiroshi Koide

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Web application security is one of essential components of any web-based systems. As becoming popular of the Internet makes many web sites be attacked by many kinds of attacks. So, we have to propose a secure framework for web applications. For this reason, we have to propose a web application framework which not only analyzes the source code implemented by web developers, also it can detects the vulnerabilities in the source code dynamically. Although a lot of research works have already proposed detection methods of vulnerabilities in web application attacks, but those are not fully detected because their methods do not use the information of the web applications. Therefore, we propose a new method which analyzes the source code of a web application, and then modifies it if needed, in addition, our method has a detection method of an application's vulnerabilities that are difficult to detect by previous methods. According to our implementation and experiments, it is possible to detect actual attacks, which have been considered difficult to detect, against authentication leaks and SQL injection attacks using dynamic queries.

Original languageEnglish
Title of host publicationProceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages334-340
Number of pages7
ISBN (Electronic)9781728199191
DOIs
Publication statusPublished - Nov 2020
Event8th International Symposium on Computing and Networking Workshops, CANDARW 2020 - Virtual, Naha, Japan
Duration: Nov 24 2020Nov 27 2020

Publication series

NameProceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020

Conference

Conference8th International Symposium on Computing and Networking Workshops, CANDARW 2020
Country/TerritoryJapan
CityVirtual, Naha
Period11/24/2011/27/20

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Computational Mathematics
  • Control and Optimization

Fingerprint

Dive into the research topics of 'A New Feature to Secure Web Applications'. Together they form a unique fingerprint.

Cite this