A Framework for Web Application Vulnerability Detection
Asra Kalim1, C K Jha2, Deepak Singh Tomar3, Divya Rishi Sahu4
1Asra Kalim*, CSE Department, Banasthali Vidyapeeth, Rajasthan India.
2C. K. Jha, CSE Department, Banasthali Vidyapeeth, Rajasthan India.
3Deepak Singh Tomar, CSE, MANIT, Bhopal, India.
4Divya Rishi Sahu, cse, SATI, Vidisha, India.
Manuscript received on February 01, 2020. | Revised Manuscript received on February 05, 2020. | Manuscript published on February 30, 2020. | PP: 543-549 | Volume-9 Issue-3, February, 2020. | Retrieval Number: C4778029320/2020©BEIESP | DOI: 10.35940/ijeat.C4778.029320
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Hardly a facet of human life is not influenced by the Internet due to the continuous proliferation in the Internet facilities, usage, speed, user friendly browsing, global access, etc. At flip side, hackers are also attacking this digital world with new tactics and techniques through exploiting the web application vulnerabilities. The analysis of these vulnerabilities is of paramount importance in direction to secure social digital world. It can be carried out in two ways. First, manual analysis which is error prone due to the human nature of forgiveness, dynamic change in technology and fraudulence attack techniques. Second, through the existing web application vulnerability scanners that sometime may suffer from generating false alarm rate. Hence, there is a need to develop a framework that can detect different levels of vulnerabilities, ranging from client side vulnerabilities, communication side vulnerabilities to server side vulnerabilities. This paper has carried out the literature survey in direction of identifying the new attack vectors, vulnerabilities, detection mechanism, research gaps and new working areas in same field. Continuous improvement in framework is easy. Hence, a framework is proposed to overcome the identified research gap.
Keywords: Web Vulnerability, Web Malwares, Vulnerability Databases, Web Vulnerability Scanners, Webb Application Analysis.