Home / Advanced Search

  • Title/Keywords

  • Author/Affliations

  • Journal

  • Article Type

  • Start Year

  • End Year

Update SearchingClear
  • Articles
  • Online
Search Results (21)
  • Open Access

    ARTICLE

    A Web Application Fingerprint Recognition Method Based on Machine Learning

    Yanmei Shi1, Wei Yu2,*, Yanxia Zhao3,*, Yungang Jia4

    CMES-Computer Modeling in Engineering & Sciences, Vol.140, No.1, pp. 887-906, 2024, DOI:10.32604/cmes.2024.046140 - 16 April 2024

    Abstract Web application fingerprint recognition is an effective security technology designed to identify and classify web applications, thereby enhancing the detection of potential threats and attacks. Traditional fingerprint recognition methods, which rely on preannotated feature matching, face inherent limitations due to the ever-evolving nature and diverse landscape of web applications. In response to these challenges, this work proposes an innovative web application fingerprint recognition method founded on clustering techniques. The method involves extensive data collection from the Tranco List, employing adjusted feature selection built upon Wappalyzer and noise reduction through truncated SVD dimensionality reduction. The core… More >

  • Open Access

    ARTICLE

    Portable and Efficient Implementation of CRYSTALS-Kyber Based on WebAssembly

    Seog Chung Seo1, HeeSeok Kim2,*

    Computer Systems Science and Engineering, Vol.46, No.2, pp. 2091-2107, 2023, DOI:10.32604/csse.2023.035064 - 09 February 2023

    Abstract With the rapid development of quantum computers capable of realizing Shor’s algorithm, existing public key-based algorithms face a significant security risk. Crystals-Kyber has been selected as the only key encapsulation mechanism (KEM) algorithm in the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) competition. In this study, we present a portable and efficient implementation of a Crystals-Kyber post-quantum KEM based on WebAssembly (Wasm), a recently released portable execution framework for high-performance web applications. Until now, most Kyber implementations have been developed with native programming languages such as C and Assembly. Although there are… More >

  • Open Access

    ARTICLE

    JShellDetector: A Java Fileless Webshell Detector Based on Program Analysis

    Xuyan Song, Yiting Qin, Xinyao Liu, Baojiang Cui*, Junsong Fu

    CMC-Computers, Materials & Continua, Vol.75, No.1, pp. 2061-2078, 2023, DOI:10.32604/cmc.2023.034505 - 06 February 2023

    Abstract Fileless webshell attacks against Java web applications have become more frequent in recent years as Java has gained market share. Webshell is a malicious script that can remotely execute commands and invade servers. It is widely used in attacks against web applications. In contrast to traditional file-based webshells, fileless webshells leave no traces on the hard drive, which means they are invisible to most antivirus software. To make matters worse, although there are some studies on fileless webshells, almost all of them are aimed at web applications developed in the PHP language. The complex mechanism… More >

  • Open Access

    ARTICLE

    Systematic Approach for Web Protection Runtime Tools’ Effectiveness Analysis

    Tomás Sureda Riera1,*, Juan Ramón Bermejo Higuera2, Javier Bermejo Higuera2, Juan Antonio Sicilia Montalvo2, José Javier Martínez Herráiz1

    CMES-Computer Modeling in Engineering & Sciences, Vol.133, No.3, pp. 579-599, 2022, DOI:10.32604/cmes.2022.020976 - 03 August 2022

    Abstract Web applications represent one of the principal vehicles by which attackers gain access to an organization’s network or resources. Thus, different approaches to protect web applications have been proposed to date. Of them, the two major approaches areWeb Application Firewalls (WAF) and Runtime Application Self Protection (RASP). It is, thus, essential to understand the differences and relative effectiveness of both these approaches for effective decisionmaking regarding the security of web applications. Here we present a comparative study between WAF and RASP simulated settings, with the aim to compare their effectiveness and efficiency against different categories More >

  • Open Access

    ARTICLE

    Achieving State Space Reduction in Generated Ajax Web Application State Machine

    Nadeem Fakhar Malik1,*, Aamer Nadeem1, Muddassar Azam Sindhu2

    Intelligent Automation & Soft Computing, Vol.33, No.1, pp. 429-455, 2022, DOI:10.32604/iasc.2022.023423 - 05 January 2022

    Abstract The testing of Ajax (Asynchronous JavaScript and XML) web applications poses novel challenges for testers because Ajax constructs dynamic web applications by using Asynchronous communication and run time Document Object Model (DOM) manipulation. Ajax involves extreme dynamism, which induces novel kind of issues like state explosion, triggering state changes and unreachable states etc. that require more demanding web-testing methods. Model based testing is amongst the effective approaches to detect faults in web applications. However, the state model generated for an Ajax application can be enormous and may be hit by state explosion problem for large… More >

  • Open Access

    ARTICLE

    Evaluating the Impacts of Security-Durability Characteristic: Data Science Perspective

    Abdullah Alharbi1, Masood Ahmad2, Wael Alosaimi1, Hashem Alyami3, Alka Agrawal2, Rajeev Kumar4,*, Abdul Wahid5, Raees Ahmad Khan2

    Computer Systems Science and Engineering, Vol.41, No.2, pp. 557-567, 2022, DOI:10.32604/csse.2022.020843 - 25 October 2021

    Abstract Security has always been a vital research topic since the birth of web application. A great deal of research has been conducted to determine the ways of identifying and classifying security issues or goals However, in the recent years, it has been noticed that high secure web applications have less durability; thus reducing their business continuity. High security features of a web application are worthless unless they provide effective services to the user and meet the standards of commercial viability. Hence, there is a need to bridge the gap between security and durability of the… More >

  • Open Access

    ARTICLE

    Hesitant Fuzzy-Sets Based Decision-Making Model for Security Risk Assessment

    Ahmed S. Alfakeeh1, Abdulmohsen Almalawi2, Fawaz Jaber Alsolami2, Yoosef B. Abushark2, Asif Irshad Khan2,*, Adel Aboud S. Bahaddad1, Alka Agrawal3, Rajeev Kumar4, Raees Ahmad Khan3

    CMC-Computers, Materials & Continua, Vol.70, No.2, pp. 2297-2317, 2022, DOI:10.32604/cmc.2022.020146 - 27 September 2021

    Abstract Security is an important component in the process of developing healthcare web applications. We need to ensure security maintenance; therefore the analysis of healthcare web application's security risk is of utmost importance. Properties must be considered to minimise the security risk. Additionally, security risk management activities are revised, prepared, implemented, tracked, and regularly set up efficiently to design the security of healthcare web applications. Managing the security risk of a healthcare web application must be considered as the key component. Security is, in specific, seen as an add-on during the development process of healthcare web… More >

  • Open Access

    ARTICLE

    Hybrid Computational Modeling for Web Application Security Assessment

    Adil Hussain Seh1, Jehad F. Al-Amri2, Ahmad F. Subahi3, Md Tarique Jamal Ansari1, Rajeev Kumar4,*, Mohammad Ubaidullah Bokhari5, Raees Ahmad Khan1

    CMC-Computers, Materials & Continua, Vol.70, No.1, pp. 469-489, 2022, DOI:10.32604/cmc.2022.019593 - 07 September 2021

    Abstract Transformation from conventional business management systems to smart digital systems is a recurrent trend in the current era. This has led to digital revolution, and in this context, the hardwired technologies in the software industry play a significant role However, from the beginning, software security remains a serious issue for all levels of stakeholders. Software vulnerabilities lead to intrusions that cause data breaches and result in disclosure of sensitive data, compromising the organizations’ reputation that translates into, financial losses as well. Most of the data breaches are financially motivated, especially in the healthcare sector. The… More >

  • Open Access

    ARTICLE

    Definition and Development of a Control Concept Applied in Elements Distributed for Manage Them Using IoT

    Jesus Hamilton Ortiz1, Osamah Ibrahim Khalaf2, Fernando Velez Varela3,*, Nicolas Minotta Rodriguez3, Christian Andres Mosquera Gil3

    Journal on Internet of Things, Vol.3, No.3, pp. 87-97, 2021, DOI:10.32604/jiot.2021.014737 - 16 December 2021

    Abstract In recent years, the Internet has gradually developed into a mature tool, which can integrate technologies involved in different application scenarios. The Internet allows the integration of solutions to different problems, which benefits both users and companies. The Internet of Things is a further development of the Internet, which can further realize the interconnection of people, machines, and things. The work of this paper mainly focuses on the use of Internet of Things technology to achieve efficient management. A wireless device is designed in the paper, which can be integrated in a helmet. This helmet More >

  • Open Access

    ARTICLE

    Combinatorial Method with Static Analysis for Source Code Security in Web Applications

    Juan Ramón Bermejo Higuera1, Javier Bermejo Higuera1, Juan Antonio Sicilia Montalvo1, Tomás Sureda Riera2, Christopher I. Argyros3, Á. Alberto Magreñán4,*

    CMES-Computer Modeling in Engineering & Sciences, Vol.129, No.2, pp. 541-565, 2021, DOI:10.32604/cmes.2021.017213 - 08 October 2021

    Abstract Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity. The construction of the procedure utilized in the static analysis tools of source code security differs and therefore each tool finds a different number of each weakness type for which it is designed. To utilize the possible synergies different static analysis tools may process, this work uses a new method to combine several source codes aiming to investigate how to increase the performance of security weakness detection while reducing the number of false positives. Specifically, five static analysis More >

Displaying 1-10 on page 1 of 21. Per Page