Title: Open source web application security: A static analysis approach
Abstract: In this paper, we have tested several open source web applications against common security vulnerabilities. These vulnerabilities span from unnecessary data member declarations to leaving gaps for SQL injection. The static security vulnerability testing was done in three categories: (1) dodgy code vulnerabilities, (2) malicious code vulnerabilities, and (3) security code vulnerabilities, on seven (7) different web applications built in Java. It is evident from the obtained results that almost all selected applications have similar kinds of vulnerabilities, which might have been introduced due to hasty programming or a lack of developer knowledge of security vulnerabilities. We recommend creating an intelligent development framework that can provide suggestions for secure development by overcoming common vulnerabilities, can add missing code, and can learn from expert developers' practices to overcome the security vulnerabilities.
Publication Year: 2016
Publication Date: 2016-09-01
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
Cited By Count: 16