Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 

Clarity: Analysing security in web applications

Saxena, N. ORCID: https://orcid.org/0000-0002-6437-0807, Potter, C. and Maity, S. 2023. Clarity: Analysing security in web applications. Presented at: COMSNETS, Bengaluru, India, 3-8 January 2023. 2023 15th International Conference on COMmunication Systems & NETworkS (COMSNETS). IEEE, pp. 522-528. 10.1109/COMSNETS56262.2023.10041289

PDF - Accepted Post-Print Version

Abstract

The rapid rise in businesses moving online has resulted in e-commerce web applications becoming increasingly targeted by hackers. This paper proposes Clarity, a dynamic black-box vulnerability scanner capable of detecting Cross-Site Scripting, SQL Injection, HTTP Response Splitting, and Session Management vulnerabilities in web applications. The tool uses Mechanize and Selenium to perform the majority of its web scraping requirements. Clarity was tested against 50 e-commerce web applications, uncovering Session Management flaws as the most prevalent vulnerability, with 36 out of the 50 applications being vulnerable.

Item Type: Conference or Workshop Item (Paper)
Date Type: Published Online
Status: Published
Schools: Computer Science & Informatics
Publisher: IEEE
ISBN: 978-1-6654-7706-2
Date of First Compliant Deposit: 3 April 2023
Last Modified: 03 May 2023 01:30
URI: https://orca.cardiff.ac.uk/id/eprint/155302
