Abstract:
Web applications are open and available on the internet 24/7 and the attackers can easily access the applications from anywhere and can penetrate the system by identifying and exploiting the vulnerability exists within it. Probability of web applications to be attacked is very high compared to the offline applications. The number of new developments for security enhancements is tend to be increasing, on the other hand the new modern technologies like HTML5, CSS3, jQuery, Silverlight and so on creates new vulnerabilities every minute and the number of such attacks increasing in a very high order. The attacker not just looking for the sensitive information from the victims web application; these applications could be used for further criminal activities including terrorism, drug dealing etc. The research is to investigate the vulnerabilities affecting the web applications and to develop an automated web application vulnerability scanner. The investigation is also focuses on the motivations and profits behind these attacks. With this application users could be able to test the web application’s security rating based on the possible vulnerabilities and developers could be able to perform penetration search within their application.
Web applications are open and available on the internet 24/7 and the attackers can easily access the applications from anywhere and can penetrate the system by identifying and exploiting the vulnerability exists within it. Probability of web applications to be attacked is very high compared to the offline applications. The number of new developments for security enhancements is tend to be increasing, on the other hand the new modern technologies like HTML5, CSS3, jQuery, Silverlight and so on creates new vulnerabilities every minute and the number of such attacks increasing in a very high order. The attacker not just looking for the sensitive information from the victims web application; these applications could be used for further criminal activities including terrorism, drug dealing etc. The research is to investigate the vulnerabilities affecting the web applications and to develop an automated web application vulnerability scanner. The investigation is also focuses on the motivations and profits behind these attacks. With this application users could be able to test the web application’s security rating based on the possible vulnerabilities and developers could be able to perform penetration search within their application.
Most
of the web applications suffers from generic validation errors and causes
security vulnerabilities. SQL Injection, Cross-Site Scripting (XSS), Cross-Site
Request Forgery etc are examples of popular vulnerabilities exist within web
applications. Majority of these web vulnerabilities are easy to identify and
avoid, but unfortunately the developers are not much security aware or they
work in very small time constraints. As a result more and more web applications
on the internet would be vulnerable. (Stefan Kals, 2006)
The
cyber crimes and the cyber attacks to web applications could be categorized on
a general principle that what illegal offline is illegal online. The research
is on the crimes which can only be carried out using the internet, including
attacks on computer systems to disrupt IT infrastructure, and the stealing of
data over a network using malware, often to enable further crime. The cyber
attackers attempt to access information stored on a computer. Information may
have a sale value (corporate espionage), may be valuable to the owner (ransom opportunity)
or may be useful for further illegal activity such as fraud. Threats,
motivations and profit achieved from cyber attacks being investigated.
Computing Courses
BSc and HND Computing Provision (click on the links below for more details of the courses)
BSc and HND Computing Provision (click on the links below for more details of the courses)
- BSc (Hons) Computing (also available part-time)
- BSc (Hons) Computing (Graphics and Visualisation)
- BSc (Hons) Computing (Internet Technology and Security)
- BSc (Hons) Computing (Mobile Computing)
- BSc (Hons) Computing (Software Engineering)
- BSc (Hons) Computing - One Year Top-Up
- BSc Computer Games Development
- HND Computing (Computer Networks Engineering)
- HND Computing (Computer Systems Engineering)
- HND Computing (Graphics and Visualisation)
- HND Computing (Internet Technology and Security)
- HND Computing (Mobile Computing)
- HND Computing (Software Engineering)
- HND Computing
The University of Northampton's, Department of Computing and Immersive Technologies offers five courses within the MSc Computing postgraduate provision (shown below) all available either part-time or full-time.
- MSc Computing
- MSc Computing (Internet Technology and Security)
- MSc Computing (Computer Networks Engineering)
- MSc Computing (Software Engineering)
- MSc Computing (Immersive Technologies)
The contents are the opinion of the author(s) and not necessarily the view of the University of Northampton.
fine
ReplyDelete