Danny E. Alvarez, Daniel B. Correa, Fernando I. Arango
{"title":"哥伦比亚软件和网站开发中的XSS、CSRF和SQL注入分析","authors":"Danny E. Alvarez, Daniel B. Correa, Fernando I. Arango","doi":"10.1109/EATIS.2016.7520140","DOIUrl":null,"url":null,"abstract":"Software development and web applications have become fundamental in our lives. Millions of users access these applications to communicate, obtain information and perform transactions. However, these users are exposed to many risks; commonly due to the developer's lack of experience in security protocols. Although there are many researches about web security and hacking protection, there are plenty of vulnerable websites. This article focuses in analyzing 3 main hacking techniques: XSS, CSRF, and SQL Injection over a representative group of Colombian websites. Our goal is to obtain information about how Colombian companies and organizations give (or not) relevance to security; and how the final user could be affected.","PeriodicalId":158157,"journal":{"name":"2016 8th Euro American Conference on Telematics and Information Systems (EATIS)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"An analysis of XSS, CSRF and SQL injection in colombian software and web site development\",\"authors\":\"Danny E. Alvarez, Daniel B. Correa, Fernando I. Arango\",\"doi\":\"10.1109/EATIS.2016.7520140\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software development and web applications have become fundamental in our lives. Millions of users access these applications to communicate, obtain information and perform transactions. However, these users are exposed to many risks; commonly due to the developer's lack of experience in security protocols. Although there are many researches about web security and hacking protection, there are plenty of vulnerable websites. This article focuses in analyzing 3 main hacking techniques: XSS, CSRF, and SQL Injection over a representative group of Colombian websites. Our goal is to obtain information about how Colombian companies and organizations give (or not) relevance to security; and how the final user could be affected.\",\"PeriodicalId\":158157,\"journal\":{\"name\":\"2016 8th Euro American Conference on Telematics and Information Systems (EATIS)\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 8th Euro American Conference on Telematics and Information Systems (EATIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EATIS.2016.7520140\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 8th Euro American Conference on Telematics and Information Systems (EATIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EATIS.2016.7520140","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An analysis of XSS, CSRF and SQL injection in colombian software and web site development
Software development and web applications have become fundamental in our lives. Millions of users access these applications to communicate, obtain information and perform transactions. However, these users are exposed to many risks; commonly due to the developer's lack of experience in security protocols. Although there are many researches about web security and hacking protection, there are plenty of vulnerable websites. This article focuses in analyzing 3 main hacking techniques: XSS, CSRF, and SQL Injection over a representative group of Colombian websites. Our goal is to obtain information about how Colombian companies and organizations give (or not) relevance to security; and how the final user could be affected.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
