Abstract
The web security vulnerabilities such as eavesdropping, impersonation, data sniffing, denial of service, and port hacking are investigated by analyzing the security weakness using the security exploration tools. Security management policies were developed based on these analyses. The results indicated that security policies produced from there analyses would enhance the web security tremendously on an organizational network.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Scambray, J., Shema, M., Sima, C.: Hacking Exposed Web Applications, 2nd edn. McGraw-Hill (2006)
Pfleeger, C.P., Plfeeger, S.L.: Security in Computing, 4th edn. Prentice-Hall (2007)
Packet Sniffing using Wireshark, http://www.securitytube.net/Packet-Sniffing-using-Wireshark-video.aspx
Wikipedia, Cain and Abel (software), http://en.wikipedia.org/wiki/Cain_and_Abel_software
Wikipedia, ARP Poisoning, http://en.wikipedia.org/wiki/ARP_spoofing
Nmap, Network Mapper, http://nmap.org/
Alberts, C.: Operational Critical Threat, Asset and Vulnerability Evaluation. Software Engineering Institute Technical Report, CMU/SEI-99-TR-017 (June 1999)
Plfeeger, S.L.: Investing in Cyber Security: The Path to Good Practice. Cutter IT Jl 19(1), 11–18 (2006)
Wadlow, T., Gorelik, V.: Security in the Brower. Communication of the ACM 52(5), 40–45 (2009)
Conti, G.: Hacking and Innovation. Communication of the ACM 49(6), 33–36 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag GmbH Berlin Heidelberg
About this paper
Cite this paper
Liu, J., Tiwari, K.K. (2012). Web Security Vulnerability Analysis Using Network and Information Security Tools. In: Hu, W. (eds) Advances in Electric and Electronics. Lecture Notes in Electrical Engineering, vol 155. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28744-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-28744-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28743-5
Online ISBN: 978-3-642-28744-2
eBook Packages: EngineeringEngineering (R0)