V. Balatska,M. Shabatura

DOI: https://doi.org/10.32447/20784643.20.2019.01

2020-01-22

Bulletin of Lviv State University of Life Safety

Abstract:For today, computer networks are an integral part of our daily lives. As the analysis shows, the network is ex-tremely vulnerable, it can serve as a place of information leakage, changes of configuration of settings and modification of data by the attackers. There are many more threats, and the security of the network requires a great deal of attention to ensure the security of the network in order to maintain the confidentiality and integrity of the data. Organizations must regularly assess the vulnerability of the entire network to test the security level and strengthen the network. We use vulnerability scanners to find weaknesses, which are useful for detecting security vulnerabilities on a case-by-case basis and across the network as a whole. The purpose of the work is to explore the computer network for vulnerabilities using the Nessus Professional scanner. Research Methods – network scanning by Nessus Professional vulnerability scanner. The Nessus Professional vulnerability scanner from Tenable Network Security, which is freely available, was used for the research. The Nessus Professional scanner has been found to have better functionality and performance than other available scanners. The only downside to the scanner is its cost per year, as well as scanning a large number of hosts on the network at a time (over 100 hosts). After the scanner was successfully installed, carried out it was in-spected from the moment it was launched to the generation of host test reports. For the work, the Lviv State University of Life Safety network was tested. In the post-scan report, which is displayed in HTML format, you can see scan details for each host; the number and nature of vulnerabilities; the error correction dashboard. According to the results of testing, vulnerabilities of low, medium and high levels of hazards were identified, totaling 376. Vulnerabilities were ana-lyzed based on the obtained results, namely: a brief description and a way to solve the problem.

Daniel Reti,Karina Elzer,Hans Dieter Schotten

DOI: https://doi.org/10.48550/arXiv.2301.10502

2023-01-25

Abstract:Every attack begins with gathering information about the target. The entry point for network breaches are often vulnerabilities in internet facing websites, which often rely on an off-the-shelf Content Management System (CMS). Bot networks and human attackers alike rely on automated scanners to gather information about the CMS software installed and potential vulnerabilities. To increase the security of websites using a CMS, it is desirable to make the use of CMS scanners less reliable. The aim of this work is to extend the current knowledge about cyber deception in regard to CMS. To demonstrate this, a WordPress Plugin called 'SCANTRAP' was created, which uses simulation and dissimulation in regards to plugins, themes, versions, and users. We found that the resulting plugin is capable of obfuscating real information and to a certain extent inject false information to the output of one of the most popular WordPress scanners, WPScan, without limiting the legitimate functionality of the WordPress installation.

Cryptography and Security

Md. Maruf Hassan,Kaushik Sarker,Saikat Biswas,Md. Hasan Sharif

DOI: https://doi.org/10.5121/ijci.2017.6501

2017-11-07

Abstract:The popularity of content management software (CMS) is growing vastly to the web developers and the business people because of its capacity for easy accessibility, manageability and usability of the distributed website contents. As per the statistics of Built with, 32% of the web applications are developed with WordPress(WP) among all other CMSs [1]. It is obvious that quite a good number of web applications were built with WP in version 4.7.0 and 4.7.1. A recent research reveals that content injection vulnerability was found available in the above two versions of WP [2]. Unauthorized content injection by an intruder in a CMS managed application is one of the serious problems for the business as well as for the web <a class="link-external link-http" href="http://owner.Therefore" rel="external noopener nofollow">this http URL</a>, detection of the vulnerability becomes a critical issue for this time. In this paper, we have discussed about the root cause of WP content injection of the above versions and have also proposed a detection model for the given vulnerability. A tool, SAISAN has been implemented as per our anticipated model and conducted an examination on 176 WP developed web applications using SAISAN. We achieved the accuracy of 92% of the result of SAISAN as compared to manual black box testing outcome.

Cryptography and Security

Emre Erturk,Angel Rajan

DOI: https://doi.org/10.48550/arXiv.1706.08017

2017-06-25

Cryptography and Security

Abstract:Cloud security is one of the biggest concerns for many companies. The growth in the number and size of websites increases the need for better securing those websites. Manual testing and detection of web vulnerabilities can be very time consuming. Automated Web Vulnerability Scanners (WVS) help with the detection of vulnerabilities in web applications. Acunetix is one of the widely used vulnerability scanners. Acunetix is also easy to implement and to use. The scan results not only provide the details of the vulnerabilities, but also give information about fixing the vulnerabilities. AcuSensor and AcuMonitor (technologies used by Acunetix) help generate more accurate potential vulnerability results. One of the purposes of this paper is to orient current students of computer security with using vulnerability scanners. Secondly, this paper provides a literature review related to the topic of security vulnerability scanners. Finally, web vulnerabilities are addressed from the mobile device and browser perspectives.

Afif Zirwan

DOI: https://doi.org/10.37034/jidt.v4i1.190

2022-03-20

Jurnal Informasi dan Teknologi

Abstract:The Covid-19 pandemic indirectly accelerated the 4.0 Industrial Revolution where technology became an important point in the industrial movement. Changes that are forced quickly, sometimes release some application developers to test the product to be implemented, because it is required quickly to compensate for the change. Padang Institute of Technology (ITP) also made rapid changes to its official website, to provide actual information of campus activities during this pandemic. Conduct testing and analysis of the extent of itp website security and provide troubleshooting advice from the results of the analysis. Testing is done using the Acunetix Vulnerability Scanner tool against the ITP website. The method used is descriptive analysis, which is the data obtained presented in the form of sentences described, thus providing clarity from the results of the analysis carried out.The results obtained from this study are ITP websites with acunex threat at level 3 which includes High theory and scanning time used for 2 Hours 5 minutes. In this study there were 714 alerts or gaps found consisting of 94 at high level, 25 at medium level, 46 at low level and 549 at informational level. Here is an explanation of the alert or loopholes found in the scanning website. From the analysis data it was concluded that in testing using acunetix itp website is at level 3, after improvement of itp website is at level 1.

Jiang Zhen

Abstract:The paper introduces the current severe situation of the Web security, and brings up the necessity to design Web vulnerability scanning software. Then it analyzes Web crawler, construction of website structure tree, and detection methods of SQL injection, XSS, integer overflow and URL redirection, which provides a guarantee for developing the system successfully. The paper also describes the software architecture and the design of modules. The final testing results prove that the software is able to detect the common types of vulnerabilities rapidly and comprehensively. The software has been published.

Computer Science

Jun Zhu,Bill Chu,Heather Richter Lipford,Tyler Thomas

DOI: https://doi.org/10.1145/2752952.2752976

2015-01-01

Abstract:ABSTRACTAccess control vulnerabilities due to programming errors have consistently ranked amongst top software vulnerabilities. Previous research efforts have concentrated on using automatic program analysis techniques to detect access control vulnerabilities in applications. We report a comparative study of six open source PHP applications, and find that implicit assumptions of previous research techniques can significantly limit their effectiveness. We propose a more effective hybrid approach to mitigate access control vulnerabilities. Developers are reminded in-situ of potential access control vulnerabilities, where self-review of code can help them discover mistakes. Additionally, developers are prompted for application-specific access control knowledge, providing samples of code that could be thought of as static analysis by example. These examples are turned into code patterns that can be used in performing static analysis to detect additional access control vulnerabilities and alert the developer to take corrective actions. Our evaluation of six open source applications detected 20 zero-day access control vulnerabilities in addition to finding all access control vulnerabilities detected in previous works.

耿哲,王秀美,王继龙,于洪奎

DOI: https://doi.org/10.3969/j.issn.1006-2475.2004.11.010

2004-01-01

Abstract:This paper analyzes the importance of network vulnerabilities scanner in the field of network security and its principles of implementation.The strong points of free network vulnerabilities scanner Nessus outgoing other products are presented.Also,the design and implementation of Web-based network vulnerabilities scan system based-on Nessus are given.

Esti Zakia Darojat,Eko Sediyono,Irwan Sembiring

DOI: https://doi.org/10.21456/vol12iss1pp36-44

2022-09-22

JURNAL SISTEM INFORMASI BISNIS

Abstract:E-Government is one of the local government's means of implementing service-oriented values and public information disclosure by providing the local government's official website. Vulnerability Assessment (VA) is a vulnerability assessment method by testing security vulnerabilities to find out all potential critical weaknesses of e-government websites, the aims is to support convenience and service improvement when using e-government websites. The method is using descriptive quantitative to analyze and evaluate security level of both e-government websites based on the NIST SP 800-115 method regarding technical guidelines for testing and assessing information security parameters and OWASP using two web vulnerability scanners. This study is to analyze and evaluate the results of vulnerability scanning on two different types of e-government web, namely the e-government web belonging to the local government and village government, the sample assessment using the semarangkab.go.id website belonging to the local government of Semarang Regency, Central Java Province. and gunungtumpeng.id which is the official e-government website owned by the Gunung Tumpeng Village Government, Suruh District, Semarang Regency, Central Java Province, Indonesia. Hasil penelitian menunjukkan ditemukan persamaan penilaian dalam hal kategori level ancaman dan jumlah kerentanan menggunakan kedua alat web vulnerability scanner, dan hasil yang berbeda terdapat pada durasi, kecepatan pemindaian, dan jenis temuan kerentanan. Kedua parameter OWASP dapat memberikan petunjuk dan penjelasan kompleks untuk membantu pengembang atau pihak pemerintah daerah melakukan pengambilan keputusan mengenai keamanan informasi pada web e-government yang dikelola.

Kalyan Devappa Bamane,Abhijit Janardan Patankar,Priyanka Gupta,Ratnaraja Kumar Jambi,Nitisha Rajgure

DOI: https://doi.org/10.17762/ijritcc.v11i7s.7344

2023-07-20

International Journal on Recent and Innovation Trends in Computing and Communication

Abstract:The detection of online vulnerabilities is the most important task for network security. In this paper, deep learning methodologies for dealing with tough or complicated challenges are investigated using convolutional neural networks, long-short-term memory, and generative adversarial networks.Experimental results demonstrate that deep learning approaches can significantly outperform standard methods when compared to them. In addition, we examine the various aspects that affect performance. This work can provide researchers with useful direction when designing network architecture and parameters for identifying web attacks.

Swetha B,Susmitha NRK,Thirulogaveni J,Sruthi S

2024-11-28

Abstract:The evolving threat landscape in cybersecurity necessitates the adoption of advanced tools for effective vulnerability management. This paper presents a comprehensive comparative analysis of three widely used tools: Nessus, Acunetix, and Nikto. Each tool is assessed based on its detection accuracy, risk scoring using the Common Vulnerability Scoring System (CVSS), ease of use, automation and reporting capabilities, performance metrics, and cost effectiveness. The research addresses the challenges faced by organizations in selecting the most suitable tool for their unique security requirements.

Cryptography and Security

Dina Nurika Fitriana Fitriana,Putri Elfa Mas’udia,Mila Kusumawardani

DOI: https://doi.org/10.33795/jartel.v13i4.557

2023-12-22

Abstract:The internet is one example of a computer network that can make it easier to obtain information. According to BSSN's December 2021 report, there were 3,483,706 web application attacks. According to the BSSN monthly report, there were 3,483,706 web application attacks at the end of December 2021. The JTD Study Program's official website (psjtd.polinema.ac.id) faced recurrent hacking incidents, exposing it to DDOS assaults and defacing. As a result, security testing must be carried out in accordance with particular standards, such as the National Institute of Standards and Technology (NIST) SP 800-115 framework. Penetration testing was performed in this investigation using the Black Box testing method approach and hardening. The results of testing and analyzing security gaps on the website reveal 10 open ports and 11 various types of security holes with varying levels of vulnerability categorized as 1 high, 3 medium, 5 low, and 2 informational. During penetration testing, one ping packet was sent that could not cause any problems, and then one of the Syn Flooding attacks was carried out, which resulted in the number of shipments reaching 10,000 packets per second.

Osejobe Ehichoya,Chinwuba Christian Nnaemeka

DOI: https://doi.org/10.48550/arXiv.2212.12308

2022-12-13

Cryptography and Security

Abstract:Web services are becoming business-critical components, often deployed with critical software bugs that can be maliciously explored. Web vulnerability scanners allow the detection of security vulnerabilities in web services by stressing the service from the point of view of an attacker. However, research and practice show that different scanners perform differently in vulnerability detection. This paper presents a qualitative evaluation of security vulnerabilities found in web applications. Some well-known vulnerability scanners have been used to identify security flaws in web service implementations. Many vulnerabilities have been observed, which confirms that many services are deployed without proper security testing. Additionally, having reviewed and considered several articles, the differences in the vulnerabilities detected and the high number of false positives observed highlight the limitations of web vulnerability scanners in detecting security vulnerabilities in web services. Furthermore, this work will discuss the static analysis approach for discovering security vulnerabilities in web applications and complimenting it with proven research findings or solutions. These vulnerabilities include broken access control, cross-site scripting, SQL injections, buffer overflow, unrestricted file upload, broken authentications, etc. Web applications are becoming mission-essential components for businesses, potentially risking having several software vulnerabilities that hackers can exploit maliciously. A few Vulnerability scanners have been used to detect security weaknesses in web service applications, and many vulnerabilities have been discovered, thus confirming that many online apps are launched without sufficient security testing.

Jingxia Chen,Xiuling Chen,Bo Yu

DOI: https://doi.org/10.1051/matecconf/202133608010

2021-01-01

MATEC Web of Conferences

Abstract:The vulnerability scanner designed in this paper completed the collection of information and scanning of vulnerability, including six parts: input assets, asset collection, vulnerability profile, plug-in upload, single case detection and report display. The framework of vue realized the front end that included six pages, and the framework of gin realized the back end. The interface completed the separation of the front and back end. The database using MySQL designed seven tables. This scanner can avoid tedious and repetitive work, it can realize automatic scanning and testing of network vulnerabilities.

Junaid Akram,Luo Ping

DOI: https://doi.org/10.1049/iet-ifs.2018.5647

2020-01-01

IET Information Security

Abstract:Cybercrimes are on a dramatic rise worldwide. The crime rate is growing day by day in every field or department which is directly or indirectly connected to the internet including Government, business or any individual. The main objective of this study is to evaluate the vulnerabilities in different software systems at the source code level by tracing their patch files. The authors have collected the source code of different types of vulnerabilities at a different level of granularities. They have proposed different ways to collect or trace the vulnerability code, which can be very helpful for security experts, organisations and software developers to maintain security measures. By following their proposed method, you can build your own vulnerability data-set and can detect vulnerabilities in any system by using suitable code clone detection technique. The study also includes a discussion of reasons for the rise in cybercrimes including zero-day exploits. A case study has been discussed with results and research questions to show the effectiveness of this study. This study concludes with the effective key findings of published and non-published vulnerabilities and the ways to prevent from different security attacks to overcome cybercrimes.

Yongzhen Li,Gaolong Wang

DOI: https://doi.org/10.1109/ISAIEE57420.2022.00089

2022-12-01

Abstract:With the rapid development of the internet in China, we are dealing with web sites all the time, but with this comes the increasing vulnerability of various web applications. The vulnerability of web applications can be used to steal information, account theft and fraud, threatening the security of web applications. Therefore, the security detection of web applications is particularly important. This paper introduces the background of today's web application scanning technology, analyses the importance of securing web sites, and focuses on the history and future development trends of web application vulnerability scanning at home and abroad. The system is based on the OWASP Top 10 vulnerabilities of SQL injection and XSS, which have a large impact. By analysing the risks and principles of these two vulnerabilities, a scanning system is designed to run on the Windows platform.

Computer Science

Phakpoom Chinprutthiwong,Raj Vardhan,Guangliang Yang,Guofei Gu

DOI: https://doi.org/10.1145/3427228.3427290

2020-01-01

Abstract:Nowadays, modern websites are utilizing service workers to provide users with app-like functionalities such as offline mode and push notifications. To handle such features, the service worker is equipped with special privileges including HTTP traffic manipulation. Thus, it is designed with security as a priority. However, we find that many websites introduce a questionable practice that can jeopardize the security of a service worker. In this work, we demonstrate how this practice can result in a cross-site scripting (XSS) attack inside a service worker, allowing an attacker to obtain and leverage service worker privileges. Due to the uniqueness of these privileges, such attacks can lead to more severe consequences compared to a typical XSS attack. We term this type of vulnerability as Service Worker based Cross-Site Scripting (SW-XSS). To assess the real-world security impact, we develop a tool called SW-Scanner and use it to analyze top websites in the wild. Our findings reveal a worrisome trend. In total, we find 40 websites vulnerable to this attack including several popular and high ranking websites. Finally, we discuss potential defense solutions to mitigate the SW-XSS vulnerability.

Afiza Ariffin,Aina Razak

DOI: https://doi.org/10.1088/1742-6596/1529/5/052084

2020-05-01

Journal of Physics: Conference Series

Abstract:Abstract In the era of Internet of Things (IoT) technology, potential malware that has the ability to attack any computer software, server or network from various way are increasingly due to the common use of anti-malware software and some of malware, which is not detectable by antivirus. Seeing that the number of malware is increasing rapidly and each malware have different way to attack, it become more challenges to the existing malware detection to stave off extensively. Malware detection is a process to perform analysis of malware on examine the components and behaviours of malware. Malware detection involve two techniques, which consists of static and dynamic analysis techniques. Static analysis technique examine malware without running it or not viewing the actual code. It will employs different tools to identify malicious file, provide the functional information and collect technical indicator to produce signature. For dynamic analysis technique also called as behaviour analysis technique, it runs malware to observe its behaviour, understand the functionality and identify the technical indicator for signature detection. Although there are advantages to conducting static and dynamic separately, but there are some limitation. Implement static and dynamic analysis techniques together are more valuable for reverse engineering complex malware. It will helps to identify the true intent and capabilities of malware and can provide a technical indicator, which cannot be achievable individually. This research propose a hybrid technique, which integrates static and dynamic analysis technique, to examine malware and measure the effectiveness based on the detection time. The proposed scheme should able to run and examine a malware with a low detection time. Besides, this research will also come with some suggestion to be taken once the malware is detected. By using Java language, the web application to analysis malware by using hybrid technique will be presented.

SONG Hai-Ling,WEN Wei-Ping

DOI: https://doi.org/10.3969/j.issn.1671-1122.2011.08.024

2011-01-01

Abstract:This paper makes a comprehensive analysis and summary of the existing Web loophole mining technology and tools, to open source Web vulnerability scanning tool Paros Proxy as the research object, the Paros Proxy crawler module and a detection module for in-depth research and analysis, and its improvement. After the test, the improved Paros crawler module supports the JavaScript URLs analytical and crawling, can extract more webpage link, and the improved detection module, the vulnerability detection performance and efficiency can be improved significantly.

Assane Gueye,Peter Mell

DOI: https://doi.org/10.48550/arXiv.2102.01722

2021-02-02

Cryptography and Security

Abstract:Understanding the landscape of software vulnerabilities is key for developing effective security solutions. Fortunately, the evaluation of vulnerability databases that use a framework for communicating vulnerability attributes and their severity scores, such as the Common Vulnerability Scoring System (CVSS), can help shed light on the nature of publicly published vulnerabilities. In this paper, we characterize the software vulnerability landscape by performing a historical and statistical analysis of CVSS vulnerability metrics over the period of 2005 to 2019 through using data from the National Vulnerability Database. We conduct three studies analyzing the following: the distribution of CVSS scores (both empirical and theoretical), the distribution of CVSS metric values and how vulnerability characteristics change over time, and the relative rankings of the most frequent metric value over time. Our resulting analysis shows that the vulnerability threat landscape has been dominated by only a few vulnerability types and has changed little during the time period of the study. The overwhelming majority of vulnerabilities are exploitable over the network. The complexity to successfully exploit these vulnerabilities is dominantly low; very little authentication to the target victim is necessary for a successful attack. And most of the flaws require very limited interaction with users. However on the positive side, the damage of these vulnerabilities is mostly confined within the security scope of the impacted components. A discussion of lessons that could be learned from this analysis is presented.