Saxena, N. ORCID: https://orcid.org/0000-0002-6437-0807, Potter, C. and Maity, S. 2023. Clarity: Analysing security in web applications. Presented at: COMSNETS, Bengaluru, India, 3-8 January 2023. 2023 15th International Conference on COMmunication Systems & NETworkS (COMSNETS). IEEE, pp. 522-528. 10.1109/COMSNETS56262.2023.10041289
PDF - Accepted Post-Print Version
Official URL: https://doi.org/10.1109/COMSNETS56262.2023.1004128...
Abstract
The rapid rise in businesses moving online has resulted in e-commerce web applications becoming increasingly targeted by hackers. This paper proposes Clarity, a dynamic black-box vulnerability scanner capable of detecting Cross-Site Scripting, SQL Injection, HTTP Response Splitting, and Session Management vulnerabilities in web applications. The tool uses Mechanize and Selenium to perform the majority of its web scraping requirements. Clarity was tested against 50 e-commerce web applications, uncovering Session Management flaws as the most prevalent vulnerability, with 36 out of the 50 applications being vulnerable.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Date Type: | Published Online |
Status: | Published |
Schools: | Computer Science & Informatics |
Publisher: | IEEE |
ISBN: | 978-1-6654-7706-2 |
Date of First Compliant Deposit: | 3 April 2023 |
Last Modified: | 03 May 2023 01:30 |
URI: | https://orca.cardiff.ac.uk/id/eprint/155302 |