Analysis of web application security mechanism and Attack Detection using Vulnerability injection technique

摘要

The internet is growing rapidly and interconnected different wired and wireless networks with each other. By using a client server architecture computing devices which are located at different geographical locations all around the world connect to the World Wide Web. Client can access information from the web server through the web browser. Web server fetches data from the database server. Malicious minds all over the world break down the security of the data driven web applications and illegally access some private data, manipulate data or perform different malicious activities which may lead to great damage or financial loss. SQL injection attack and Denial-of-service (DOS) attack are two most important security threads found in the web applications. SQL injection is a one of the web application security vulnerability in which SQL statements are altered by attackers which is executed by the web application and submitted to the database server. DOS attack is an attack which makes network resources unavailable to its intended users. In this paper, we propose a method for evaluation of the current security mechanism by injecting vulnerabilities in the web application and exploit them using Distributed Vulnerability and Attack Detection Tool (DVADT).