Home / Advanced Search

  • Title/Keywords

  • Author/Affliations

  • Journal

  • Article Type

  • Start Year

  • End Year

Update SearchingClear
  • Articles
  • Online
Search Results (4)
  • Open Access

    ARTICLE

    Combinatorial Method with Static Analysis for Source Code Security in Web Applications

    Juan Ramón Bermejo Higuera1, Javier Bermejo Higuera1, Juan Antonio Sicilia Montalvo1, Tomás Sureda Riera2, Christopher I. Argyros3, Á. Alberto Magreñán4,*

    CMES-Computer Modeling in Engineering & Sciences, Vol.129, No.2, pp. 541-565, 2021, DOI:10.32604/cmes.2021.017213 - 08 October 2021

    Abstract Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity. The construction of the procedure utilized in the static analysis tools of source code security differs and therefore each tool finds a different number of each weakness type for which it is designed. To utilize the possible synergies different static analysis tools may process, this work uses a new method to combine several source codes aiming to investigate how to increase the performance of security weakness detection while reducing the number of false positives. Specifically, five static analysis More >

  • Open Access

    ARTICLE

    Analysis of Security Testing Techniques

    Omer Bin Tauqeer1, Sadeeq Jan1,*, Alaa Omar Khadidos2, Adil Omar Khadidos3, Fazal Qudus Khan3, Sana Khattak1

    Intelligent Automation & Soft Computing, Vol.29, No.1, pp. 291-306, 2021, DOI:10.32604/iasc.2021.017260 - 12 May 2021

    Abstract In the past decades, a significant increase has been observed in cyber-attacks on the web-based systems used for financial purposes. Such individual systems often contain security weaknesses, called vulnerabilities that can be exploited for malicious purposes. The exploitation of such vulnerabilities can result in disclosure and manipulation of sensitive data as well as have destructive effects. To protect such systems, security testing is required on a periodic basis. Various detection and assessment techniques have been suggested by developers and researchers to address these security issues. In this paper, we survey the contributions of academia in… More >

  • Open Access

    ARTICLE

    Hybrid Security Assessment Methodology for Web Applications

    Roddy A. Correa1, Juan Ramón Bermejo Higuera2, Javier Bermejo Higuera2, Juan Antonio Sicilia Montalvo2, Manuel Sánchez Rubio2, Á. Alberto Magreñán3,*

    CMES-Computer Modeling in Engineering & Sciences, Vol.126, No.1, pp. 89-124, 2021, DOI:10.32604/cmes.2021.010700 - 22 December 2020

    Abstract This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications. The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box, to carry out the security validation of a web application in an agile and precise way. The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks. Each one of the phases contemplated in the methodology is supported by security analysis tools of different… More >

  • Open Access

    ARTICLE

    A Framework for Systematic Classification of Assets for Security Testing

    Sadeeq Jan1,*, Omer Bin Tauqeer1, Fazal Qudus Khan2, George Tsaramirsis2, Awais Ahmad3, Iftikhar Ahmad4, Imran Maqsood5, Niamat Ullah6

    CMC-Computers, Materials & Continua, Vol.66, No.1, pp. 631-645, 2021, DOI:10.32604/cmc.2020.012831 - 30 October 2020

    Abstract Over the last decade, a significant increase has been observed in the use of web-based Information systems that process sensitive information, e.g., personal, financial, medical. With this increased use, the security of such systems became a crucial aspect to ensure safety, integrity and authenticity of the data. To achieve the objectives of data safety, security testing is performed. However, with growth and diversity of information systems, it is challenging to apply security testing for each and every system. Therefore, it is important to classify the assets based on their required level of security using an More >

Displaying 1-10 on page 1 of 4. Per Page