Analysis of web worm attack on web application
This study of web worms attack on web application can be implemented to enhance the security of current web application. Nowadays, attack from worms and viruses on web application come with several motives, whether to gain administrative access or even for stealing. This can be happening from a simp...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2008
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/9490/1/AmalinaMohdGhazzaliMFSKSM2008.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.9490 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.94902018-07-19T01:50:59Z Analysis of web worm attack on web application 2008-10 Mohd. Ghazzali, Amalina QA76 Computer software This study of web worms attack on web application can be implemented to enhance the security of current web application. Nowadays, attack from worms and viruses on web application come with several motives, whether to gain administrative access or even for stealing. This can be happening from a simple attack which will lead to a devastating effect to the organization. This analysis consists of several steps from analyzing worms attack to producing a guideline for secure web application development. The worms attack is based on a web application model developed using PHP as programming language and using MySQL database. In this case, the vulnerabilities found on the web application will be match to the method of attack from worms, and finally come out with a guideline to prevent such attacks. Even this guideline will not hundred percent prevent the attack, hopefully for anyone who follow this guideline will be on the safer side and at least minimized the possibility of attack to happen on their web application. Finally, the guideline produce from this analysis can be use for developing a secure web application. This guideline will be a framework for those who are new in this field to prevent themselves from being a targeted attack from this internet attacks. 2008-10 Thesis http://eprints.utm.my/id/eprint/9490/ http://eprints.utm.my/id/eprint/9490/1/AmalinaMohdGhazzaliMFSKSM2008.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:840?site_name=Restricted Repository masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information System Faculty of Computer Science and Information System Billy Hoffman, Analysis of Web Application Worms and Viruses. SPI Labs Security Researcher. Bryan Sullivan, Malicious Code Injection: It’s Not Just for SQl Anymore. Chris Lambert (2003), Web Application Security. Boston : MIT Security Camp. Dancho Danchev (2005), Malware – future trends. Daniel Estermann (2006), Web Application Security 2.0: How to face current web security problems. Dharmesh M Mehta(2004), Jeopardy in Web 2.0, The Next Generation Web. The Open Web Application Security Project. Ed Skoudis with Lenny Zeltser (2004). Malware: Fighting Malicious Code. New Jersey : Prentice Hall. Gartner Group Web Sites Information Technology Security Report Lead Agency Publication (2006), Future Trends in Malicious Code – 2006 Report. Canada : Royal Canadian Mounted Police. Jose Nazario, with Jeremy Anderson, Rick Wash and Chris Connelly (2003), The Future of Internet Worms. Crimelabs Research. Micheal Cobb (2005), Introduction to Web Application Attacks, SearchSecurity’s Web Security School. Mike Shema (2007), Web Application Worms: The Future of Browser Insecurity. InfoSecrurity, New York. Mohammad Omar Khan (2007), Automated, self-propagating attacks on custom Web application code. Norhazimah Abdul Malek (2005), Securing Application From Hackers, Computimes. Open Web Application Security Project (OWASP)(2003), OWASP’s Top Vilnerabilities in Web Applications. Peleus G. Uhley (2003), Web Browser Vulnerabilities 101. Anonymizer Inc. Peter Sayer (2004), Santy.E Worm Poses Threat to Sites Badly Coded in PHP, IDG News Services. Sheeraj Shah (2005), Web Application Kung Fu, The Art of Defense. Malaysia : Net- Square Solutions Pvt. Ltd. Ulfar Erlingsson, Benjamin Livshits, Yinglian Xie (2007), End-to-end Web Application Security. Microsoft Research. Ulrich Bayer, Andreas Moser, Christopher Ktuegel, Engin Kirda(2006), Dynamic Analysis of Malicious Code. France : Springer. Vern Paxson (2005), Addressing the Threat of Internet Worms. ICSI Center for Internet Research and Lawrence Berkeley National Laboratory. WebSense (2004), Avoiding the Newest Security Threats From Web-Based Attacks. California : Websense, Inc. |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
QA76 Computer software |
| spellingShingle |
QA76 Computer software Mohd. Ghazzali, Amalina Analysis of web worm attack on web application |
| description |
This study of web worms attack on web application can be implemented to enhance the security of current web application. Nowadays, attack from worms and viruses on web application come with several motives, whether to gain administrative access or even for stealing. This can be happening from a simple attack which will lead to a devastating effect to the organization. This analysis consists of several steps from analyzing worms attack to producing a guideline for secure web application development. The worms attack is based on a web application model developed using PHP as programming language and using MySQL database. In this case, the vulnerabilities found on the web application will be match to the method of attack from worms, and finally come out with a guideline to prevent such attacks. Even this guideline will not hundred percent prevent the attack, hopefully for anyone who follow this guideline will be on the safer side and at least minimized the possibility of attack to happen on their web application. Finally, the guideline produce from this analysis can be use for developing a secure web application. This guideline will be a framework for those who are new in this field to prevent themselves from being a targeted attack from this internet attacks. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Mohd. Ghazzali, Amalina |
| author_facet |
Mohd. Ghazzali, Amalina |
| author_sort |
Mohd. Ghazzali, Amalina |
| title |
Analysis of web worm attack on web application |
| title_short |
Analysis of web worm attack on web application |
| title_full |
Analysis of web worm attack on web application |
| title_fullStr |
Analysis of web worm attack on web application |
| title_full_unstemmed |
Analysis of web worm attack on web application |
| title_sort |
analysis of web worm attack on web application |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Computer Science and Information System |
| granting_department |
Faculty of Computer Science and Information System |
| publishDate |
2008 |
| url |
http://eprints.utm.my/id/eprint/9490/1/AmalinaMohdGhazzaliMFSKSM2008.pdf |
| _version_ |
1747814738672222208 |