An analysis of XSS, CSRF and SQL injection in colombian software and web site development

Title: An analysis of XSS, CSRF and SQL injection in colombian software and web site development
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Alvarez, E. D., Correa, B. D., Arango, I. F.
Conference Name: 2016 8th Euro American Conference on Telematics and Information Systems (EATIS)
Keywords: Colombian companies, Colombian organizations, Colombian software development, Colombian Web Site development, composability, Computer crime, Cross Site Request Forgery, Cross Site Scripting, Cross Site Scripting attacks, CSRF, Databases, Economics, Hacking, hacking protection, Human Behavior, Internet, pubcrawl, Resiliency, security protocols, Software, Software development, software engineering, SQL, SQL Injection, Web applications, web security, Web sites, websites, XSS
Abstract

Software development and web applications have become fundamental in our lives. Millions of users access these applications to communicate, obtain information and perform transactions. However, these users are exposed to many risks, commonly due to the developer's lack of experience in security protocols. Although there is much research about web security and hacking protection, there are plenty of vulnerable websites. This article focuses on analyzing 3 main hacking techniques: XSS, CSRF, and SQL Injection over a representative group of Colombian websites. Our goal is to obtain information about how Colombian companies and organizations give (or not) relevance to security, and how the final user could be affected.

URL: https://ieeexplore.ieee.org/document/7520140
DOI: 10.1109/EATIS.2016.7520140
Citation Key: alvarez_analysis_2016