The approaches to quantify web application security scanners quality: A review

The web application security scanner is a computer program that assessed web application security with penetration testing technique. The benefit of automated web application penetration testing is huge, which web application security scanner not only reduced the time, cost, and resource required for web application penetration testing but also eliminate test engineer reliance on human knowledge. Nevertheless, web application security scanners are possessing weaknesses of low test coverage, and the scanners are generating inaccurate test results. Consequently, experimentations are frequently held to quantitatively quantify web application security scanner's quality to investigate the web application security scanner's strengths and limitations. However, there is a discovery that neither a standard methodology nor criterion is available for quantifying the web application security scanner's quality. Hence, in this paper systematic review is conducted and analysed the methodology and criterion used for quantifying web application security scanners' quality. In this survey, the experiment methodologies and criterions that had been used to quantify web application security scanner's quality is classified and review using the preferred reporting items for systematic reviews and meta-analyses (PRISMA) protocol. The objectives are to provide practitioners with the understanding of methodologies and criterions that available for measuring web application security scanners' test coverage, attack coverage, and vulnerability detection rate, while provides the critical hint for development of the next testing framework, model, methodology, or criterions, to measure web application security scanner quality

From Sensor to Observation Web with Environmental Enablers in the Future Internet

This paper outlines the grand challenges in global sustainability research and the objectives of the FP7 Future Internet PPP program within the Digital Agenda for Europe. Large user communities are generating significant amounts of valuable environmental observations at local and regional scales using the devices and services of the Future Internet. These communities’ environmental observations represent a wealth of information which is currently hardly used or used only in isolation and therefore in need of integration with other information sources. Indeed, this very integration will lead to a paradigm shift from a mere Sensor Web to an Observation Web with semantically enriched content emanating from sensors, environmental simulations and citizens. The paper also describes the research challenges to realize the Observation Web and the associated environmental enablers for the Future Internet. Such an environmental enabler could for instance be an electronic sensing device, a web-service application, or even a social networking group affording or facilitating the capability of the Future Internet applications to consume, produce, and use environmental observations in cross-domain applications. The term ?envirofied? Future Internet is coined to describe this overall target that forms a cornerstone of work in the Environmental Usage Area within the Future Internet PPP program. Relevant trends described in the paper are the usage of ubiquitous sensors (anywhere), the provision and generation of information by citizens, and the convergence of real and virtual realities to convey understanding of environmental observations. The paper addresses the technical challenges in the Environmental Usage Area and the need for designing multi-style service oriented architecture. Key topics are the mapping of requirements to capabilities, providing scalability and robustness with implementing context aware information retrieval. Another essential research topic is handling data fusion and model based computation, and the related propagation of information uncertainty. Approaches to security, standardization and harmonization, all essential for sustainable solutions, are summarized from the perspective of the Environmental Usage Area. The paper concludes with an overview of emerging, high impact applications in the environmental areas concerning land ecosystems (biodiversity), air quality (atmospheric conditions) and water ecosystems (marine asset management)

Understanding emerging client-Side web vulnerabilities using dynamic program analysis

Today's Web heavily relies on JavaScript as it is the main driving force behind the plethora of Web applications that we enjoy daily. The complexity and amount of this client-side code have been steadily increasing over the years. At the same time, new vulnerabilities keep being uncovered, for which we mostly rely on manual analysis of security experts. Unfortunately, such manual efforts do not scale to the problem space at hand. Therefore in this thesis, we present techniques capable of finding vulnerabilities automatically and at scale that originate from malicious inputs to postMessage handlers, polluted prototypes, and client-side storage mechanisms. Our results highlight that the investigated vulnerabilities are prevalent even among the most popular sites, showing the need for automated systems that help developers uncover them in a timely manner. Using the insights gained during our empirical studies, we provide recommendations for developers and browser vendors to tackle the underlying problems in the future. Furthermore, we show that security mechanisms designed to mitigate such and similar issues cannot currently be deployed by first-party applications due to their reliance on third-party functionality. This leaves developers in a no-win situation, in which either functionality can be preserved or security enforced.JavaScript ist die treibende Kraft hinter all den Web Applikationen, die wir heutzutage täglich nutzen. Allerdings ist über die Zeit hinweg gesehen die Masse, aber auch die Komplexität, von Client-seitigem JavaScript Code stetig gestiegen. Außerdem finden Sicherheitsexperten immer wieder neue Arten von Verwundbarkeiten, meistens durch manuelle Analyse des Codes. In diesem Werk untersuchen wir deshalb Methodiken, mit denen wir automatisch Verwundbarkeiten finden können, die von postMessages, veränderten Prototypen, oder Werten aus Client-seitigen Persistenzmechnanismen stammen. Unsere Ergebnisse zeigen, dass die untersuchten Schwachstellen selbst unter den populärsten Websites weit verbreitet sind, was den Bedarf an automatisierten Systemen zeigt, die Entwickler bei der rechtzeitigen Aufdeckung dieser Schwachstellen unterstützen. Anhand der in unseren empirischen Studien gewonnenen Erkenntnissen geben wir Empfehlungen für Entwickler und Browser-Anbieter, um die zugrunde liegenden Probleme in Zukunft anzugehen. Zudem zeigen wir auf, dass Sicherheitsmechanismen, die solche und ähnliche Probleme mitigieren sollen, derzeit nicht von Seitenbetreibern eingesetzt werden können, da sie auf die Funktionalität von Drittanbietern angewiesen sind. Dies zwingt den Seitenbetreiber dazu, zwischen Funktionalität und Sicherheit zu wählen

Assessing The Security Posture Of Openemr Using Capec Attack Patterns

Attack patterns describe the common methods of exploiting software. Good software engineering practices and principles alone are not enough to produce secure software. It is also important to know how software it attacked and to guard against it. Knowledge of attack patterns provides a good perspective of an attacker, thus enabling developers and testers to build secure software. CAPEC list is a taxonomy of attack patterns which we believe can enhance security testing. This research seeks to assess the security posture of OpenEMR 4.1.1, an open source Electronic Medical Record (EMR) system, based on CAPEC attack patterns. Five categories of CAPEC attack patterns were analyzed to find their relevance and applicability to OpenEMR. Whereas inapplicable attack patterns were not further considered, applicable attack patterns were further tested to assess OpenEMR vulnerability to them. Various security testing tools were used to carry out the tests. Attack patterns helped to focus black-box and white-box testing procedures on what and where to test. OpenEMR was found to be vulnerable to a number of vulnerabilities such as cross site scripting, authentication bypass, session sidejacking, among others. A number of exploitations were carried out based on the vulnerabilities discovered

Security Analysis of Android Applications

Nowadays, people can easily jump into learning programming on any platform they are interested in. It is the same with Android application development. However, security aspects during development are usually not considered in the first place. Sometimes testing an application's security has to be done in divergent environments and with different techniques, approaches, and tools. The more testing and investigation techniques used on an application; the more fields would be covered. Using static and dynamic analysis together can produce better security research coverage than using only one approach. The first and most important thing about cyber security is the theory. Developers must pay attention to many diverse parts of functions’ behaviors and be completely aware of the existing implementation of the built-in Android components. How can an Android application developer ensure that their application is not exposed to attackers? A feasible way to learn how to defend your application is to attempt to attack it. By examining penetration testing techniques, network monitoring, vulnerability showcases, and explanations, developers can answer how to find and take advantage of security weaknesses and threats in an application and how to come up with mitigations for it

Bagley: Automated tool for reconnaissance and vulnerability detection in Bug Bounty environments

Bug Bounties are monetary rewards that companies pay to independent security researchers when they successfully find and report an exploitable vulnerability. A bounty for a critical vulnerability in a big company can reach the equivalent to a year’s salary in Spain, and this amount is not defined by the complexity of the bug, but by the impact of it. This means that very simple to find and exploit bugs that affect critical infrastructure can report a very big amount of money if the person who finds it is in the right place, in the right moment. The goal of this project is to build and maintain an automated tool that runs on its own, in a Virtual Private Server and is able to perform reconnaissance and detect these simple vulnerabilities in a target. It also implements a communication interface over Discord, so that the researcher can operate it at any moment with any device and find out immediately if something is discovered, making it the perfect tool for assisting bug hunters

Automated Discovery in Econometrics

Our subject is the notion of automated discovery in econometrics. Advances in computer power, electronic communication, and data collection processes have all changed the way econometrics is conducted. These advances have helped to elevate the status of empirical research within the economics profession in recent years and they now open up new possibilities for empirical econometric practice. Of particular significance is the ability to build econometric models in an automated way according to an algorithm of decision rules that allow for (what we call here) heteroskedastic and autocorrelation robust (HAR) inference. Computerized search algorithms may be implemented to seek out suitable models, thousands of regressions and model evaluations may be performed in seconds, statistical inference may be automated according to the properties of the data, and policy decisions can be made and adjusted in real time with the arrival of new data. We discuss some aspects and implications of these exciting, emergent trends in econometrics.Automation, discovery, HAC estimation, HAR inference, model building, online econometrics, policy analysis, prediction, trends