• DocumentCode
    3650580
  • Title

    Guidelines for Discovering and Improving Application Security

  • Author

    Gabriel Avramescu;Mihai Bucicoiu;Daniel Rosner;Nicolae Tapus

  • Author_Institution
    Fac. of Autom. Control &
  • fYear
    2013
  • Firstpage
    560
  • Lastpage
    565
  • Abstract
    This paper analyzes current threats in computer security for web-based applications with a SQL database. We conduct a penetration test in a real-case scenario of multiple attacks against the network, the web application and the SQL database. The test infrastructure includes two servers, a firewall and one machine that acts as an attacker's computer. Based on our empirical analysis we diagnose specific vulnerabilities and we formulate best practices to improve security against common attacks. The article contributes to the discussion of state-of-the-art security techniques and illustrates the value of penetration testing for diagnosing attacks against specific technologies.
  • Keywords
    "HTML","Security","Testing","Browsers","Servers","Encoding","Ports (Computers)"
  • Publisher
    ieee
  • Conference_Titel
    Control Systems and Computer Science (CSCS), 2013 19th International Conference on
  • Print_ISBN
    978-1-4673-6140-8
  • Type

    conf

  • DOI
    10.1109/CSCS.2013.93
  • Filename
    6569320