An efficient algorithm and tool for detecting dangerous website vulnerabilities

Hoang Viet Long, Tong Anh Tuan, David Taniar, Nguyen van Can, Hoang Minh Hue, Nguyen Thi Kim Son

Research output: Contribution to journalArticleResearchpeer-review

5 Citations (Scopus)

Abstract

Web applications are progressively developing and applied in most aspects of life. However, there exist a variety of dangerous website security vulnerabilities such as SQL injection and cross-site scripting. This creates the opportunity for hackers to exploit and attack websites for commercial or political purposes or fame. Some research and commercial software have been developed for scanning and detecting those vulnerabilities. In this paper, we present an efficient algorithmic study and tool to detect web security vulnerabilities. Experimental results show that the new method is capable of detecting vulnerabilities with high accuracy. Compared to popular commercial software on the market, our tool has faster performance and can detect a number of less common vulnerabilities such as shell injection, or file inclusion.

Original languageEnglish
Pages (from-to)81-104
Number of pages24
JournalInternational Journal of Web and Grid Services
Volume16
Issue number1
DOIs
Publication statusPublished - 2020

Keywords

  • Cross-site scripting
  • Detection algorithm
  • SQL injection
  • Web security vulnerabilities

Cite this