A systematic review and taxonomy of web applications threats
Authors: Yassine Sadqi, Yassine Maleh
Journal: Information Security Journal: A Global Perspective
Publication date: 2020-12-31
Publication type: Journal Article
DOI: https://doi.org/10.1080/19393555.2020.1853855
ABSTRACT

Nowadays, web application security is one of the relevant issues in the IT security domain due to the continued growth in the number of web-related attacks. As a result, attacks, with varied motivations, have developed and become increasingly sophisticated. They mainly target data related to economic activities. Thus, they cause significant damage to the overall functioning of information systems. To address the various threats, several robust taxonomies exist in the literature. Each taxonomy and classification has advantages and limitations. We first define the different threat classifications related to the context of web applications. The objective of this analysis is to provide a synthesis of the advantages and disadvantages of each classification. The current work analyses different taxonomies for web application threats in order to propose our own taxonomy. The proposed taxonomy takes advantage of the benefits of existing taxonomies and provides an integrated approach for classifying both client-side and server-side attacks. The findings will help researchers to find a clear and detailed taxonomy of the different threats related to web applications.