English
Related papers

Related papers: Understanding The Top 10 OWASP Vulnerabilities

200 papers

Enterprises are constantly under attack from sophisticated adversaries. These adversaries use a variety of techniques to first gain access to the enterprise, then spread laterally inside its networks, establish persistence, and finally…

Cryptography and Security · Computer Science 2024-06-14 Sumanth Rao

Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides…

Software Engineering · Computer Science 2025-10-02 Kiana Kiashemshaki , Mohammad Jalili Torkamani , Negin Mahmoudi

Web browsers are integral parts of everyone's daily life. They are commonly used for security-critical and privacy sensitive tasks, like banking transactions and checking medical records. Unfortunately, modern web browsers are too complex…

Cryptography and Security · Computer Science 2022-01-03 Jungwon Lim , Yonghwi Jin , Mansour Alharthi , Xiaokuan Zhang , Jinho Jung , Rajat Gupta , Kuilin Li , Daehee Jang , Taesoo Kim

PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application without…

Cryptography and Security · Computer Science 2015-06-17 C. Sireesha , G. Jyostna , P. Raghu Varan , P. R. L. Eswari

Mobile applications (apps) have become an essential part of everyday life, offering convenient access to services such as banking, healthcare, and shopping. With these apps handling sensitive personal and financial data, ensuring their…

Cryptography and Security · Computer Science 2024-08-20 Anthony Peruma , Timothy Huo , Ana Catarina Araújo , Jake Imanaka , Rick Kazman

In this work we analyse five popular commercial password managers for security vulnerabilities. Our analysis is twofold. First, we compile a list of previously disclosed vulnerabilities through a comprehensive review of the academic and…

Cryptography and Security · Computer Science 2020-03-18 Michael Carr , Siamak F. Shahandashti

These days, cyber-criminals target humans rather than machines since they try to accomplish their malicious intentions by exploiting the weaknesses of end users. Thus, human vulnerabilities pose a serious threat to the security and…

Cryptography and Security · Computer Science 2021-06-25 Dimitra Papatsaroucha , Yannis Nikoloudakis , Ioannis Kefaloukos , Evangelos Pallis , Evangelos K. Markakis

The most common attacks against web sessions are reviewed in this paper, for example, some attacks against web browsers' honest users attempting to create session with trusted web browser application legally. We have assessed with four…

Software Engineering · Computer Science 2023-10-18 Md. Imtiaz Habib , Abdullah Al Maruf , Md. Jobair Ahmed Nabil

This paper reports a large-scale study that aims to understand how mobile application (app) vulnerabilities are associated with software libraries. We analyze both free and paid apps. Studying paid apps was quite meaningful because it…

Cryptography and Security · Computer Science 2017-03-28 Takuya Watanabe , Mitsuaki Akiyama , Fumihiro Kanei , Eitaro Shioji , Yuta Takata , Bo Sun , Yuta Ishi , Toshiki Shibahara , Takeshi Yagi , Tatsuya Mori

Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole…

Cryptography and Security · Computer Science 2017-05-11 Federico De Meo , Luca Viganò

The rapid proliferation of network applications has led to a significant increase in network attacks. According to the OWASP Top 10 Projects report released in 2021, injection attacks rank among the top three vulnerabilities in software…

Software Engineering · Computer Science 2025-09-16 Guan-Yan Yang , Farn Wang , You-Zong Gu , Ya-Wen Teng , Kuo-Hui Yeh , Ping-Hsueh Ho , Wei-Ling Wen

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them result in overall project failure due to incorrect or missing quality characteristics such as security. There are…

Software Engineering · Computer Science 2019-06-28 H. Villamizar , A. A. Neto , M. Kalinowski , A. Garcia , D. Mendez Fernández

Developers rely on online tutorials to learn web application security, but tutorial quality varies. We reviewed 132 free security tutorials to examine topic coverage, authorship, and technical depth. Our analysis shows that most tutorials…

Cryptography and Security · Computer Science 2026-03-24 Bhagya Chembakottu , Martin P. Robillard

Cross Site Scripting (XSS) is one of the most critical vulnerabilities exist in web applications. XSS can be prevented by encoding untrusted data that are loaded into browser content of web applications. Security Application Programming…

Cryptography and Security · Computer Science 2018-10-03 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Thanks to the advance of technology, all kinds of applications are becoming more complete and capable of performing complex tasks that save much of our time. But to perform these tasks, applications require that some personal information…

Cryptography and Security · Computer Science 2020-07-15 Guilherme Girotto , Avelino Francisco Zorzo

Modern web applications are dominated by HTTP/HTTPS messages that consist of one or more headers, where most of the exploits and payloads can be injected by attackers. According to the OWASP, the 80 percent of the web attacks are done…

Cryptography and Security · Computer Science 2020-11-09 Tikam Alma , Manik Lal Das

This article puts forward the use of mutual information values to replicate the expertise of security professionals in selecting features for detecting web attacks. The goal is to enhance the effectiveness of web application firewalls…

Cryptography and Security · Computer Science 2024-07-29 Amanda Riverol , Gustavo Betarte , Rodrigo Martínez , Álvaro Pardo

Web APIs provide a systematic and extensible approach for application-to-application interaction. A large number of mobile applications makes use of web APIs to integrate services into apps. Each Web API's evolution pace is determined by…

Software Engineering · Computer Science 2014-07-17 Tiago Espinha , Andy Zaidman , Hans-Gerhard Gross

The ubiquity of mobile applications has increased dramatically in recent years, opening up new opportunities for cyber attackers and heightening security concerns in the mobile ecosystem. As a result, researchers and practitioners have…

Cryptography and Security · Computer Science 2025-04-22 Irdin Pekaric , Clemens Sauerwein , Simon Laichner , Ruth Breu

According to the World Economic Forum, cyber attacks are considered as one of the most important sources of risk to companies and institutions worldwide. Attacks can target the network, software, and/or hardware. During the past years, much…

Cryptography and Security · Computer Science 2022-08-31 Tara Ghasempouri , Jaan Raik , Cezar Reinbrecht , Said Hamdioui , Mottaqiallah Taouil