测试和利用工具改进OWASP十大安全漏洞检测

2022 14th International Conference on Computational Intelligence and Communication Networks (CICN) Pub Date : 2022-12-04 DOI:10.1109/CICN56167.2022.10008360

M. Aljabri, Maryam M. Aldossary, Noor Al-Homeed, Bushra Alhetelah, Malek Althubiany, Ohoud F. Alotaibi, Sara Alsaqer

{"title":"测试和利用工具改进OWASP十大安全漏洞检测","authors":"M. Aljabri, Maryam M. Aldossary, Noor Al-Homeed, Bushra Alhetelah, Malek Althubiany, Ohoud F. Alotaibi, Sara Alsaqer","doi":"10.1109/CICN56167.2022.10008360","DOIUrl":null,"url":null,"abstract":"In many different sorts of businesses, including public and private, government, critical infrastructures, etc., web apps have grown recently. Therefore, securing web applications is a major concern to protect businesses from loss and unauthorized access to sensitive information. Developers use vulnerable thirdparty modules or components or create programming security flaws themselves and occasionally work with tight budgets. These situations frequently cause people to overlook a crucial aspect of development life cycle security. This paper studies and tests the currently available web security and exploitation tools of OWASP's top ten security vulnerabilities. The main aim of this paper is to improve the detection of OWASP's top ten security vulnerabilities by proposing an exploitation and detection tool that combined features of the tools that has been tested in the paper.","PeriodicalId":287589,"journal":{"name":"2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Testing and Exploiting Tools to Improve OWASP Top Ten Security Vulnerabilities Detection\",\"authors\":\"M. Aljabri, Maryam M. Aldossary, Noor Al-Homeed, Bushra Alhetelah, Malek Althubiany, Ohoud F. Alotaibi, Sara Alsaqer\",\"doi\":\"10.1109/CICN56167.2022.10008360\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In many different sorts of businesses, including public and private, government, critical infrastructures, etc., web apps have grown recently. Therefore, securing web applications is a major concern to protect businesses from loss and unauthorized access to sensitive information. Developers use vulnerable thirdparty modules or components or create programming security flaws themselves and occasionally work with tight budgets. These situations frequently cause people to overlook a crucial aspect of development life cycle security. This paper studies and tests the currently available web security and exploitation tools of OWASP's top ten security vulnerabilities. The main aim of this paper is to improve the detection of OWASP's top ten security vulnerabilities by proposing an exploitation and detection tool that combined features of the tools that has been tested in the paper.\",\"PeriodicalId\":287589,\"journal\":{\"name\":\"2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)\",\"volume\":\"51 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CICN56167.2022.10008360\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CICN56167.2022.10008360","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

在许多不同类型的企业中，包括公共和私人、政府、关键基础设施等，web应用程序最近都在增长。因此，保护web应用程序是保护企业免受敏感信息丢失和未经授权访问的主要关注点。开发人员使用易受攻击的第三方模块或组件，或者自己创建编程安全漏洞，有时预算紧张。这些情况经常导致人们忽视开发生命周期安全性的一个关键方面。本文研究并测试了目前可用的web安全和利用OWASP十大安全漏洞的工具。本文的主要目的是通过提出一种利用和检测工具来改进对OWASP十大安全漏洞的检测，该工具结合了本文中测试的工具的特性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Testing and Exploiting Tools to Improve OWASP Top Ten Security Vulnerabilities Detection

In many different sorts of businesses, including public and private, government, critical infrastructures, etc., web apps have grown recently. Therefore, securing web applications is a major concern to protect businesses from loss and unauthorized access to sensitive information. Developers use vulnerable thirdparty modules or components or create programming security flaws themselves and occasionally work with tight budgets. These situations frequently cause people to overlook a crucial aspect of development life cycle security. This paper studies and tests the currently available web security and exploitation tools of OWASP's top ten security vulnerabilities. The main aim of this paper is to improve the detection of OWASP's top ten security vulnerabilities by proposing an exploitation and detection tool that combined features of the tools that has been tested in the paper.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 14th International Conference on Computational Intelligence and Communication Networks (CICN)

自引率

0.00%

发文量