| Title | An Automatic Vulnerability Scanner for Web Applications |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Chen, Haibo, Chen, Junzuo, Chen, Jinfu, Yin, Shang, Wu, Yiming, Xu, Jiaping |
| Conference Name | 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) |
| Date Published | dec |
| Keywords | compositionality, Conferences, Human Behavior, information collection, Metrics, privacy, pubcrawl, Resiliency, security, Testing, Tools, vulnerability detection, vulnerability scanning, web security, Web vulnerability |
| Abstract | With the progressive development of web applications and the urgent requirement of web security, vulnerability scanner has been particularly emphasized, which is regarded as a fundamental component for web security assurance. Various scanners are developed with the intention of that discovering the possible vulnerabilities in advance to avoid malicious attacks. However, most of them only focus on the vulnerability detection with single target, which fail in satisfying the efficiency demand of users. In this paper, an effective web vulnerability scanner that integrates the information collection with the vulnerability detection is proposed to verify whether the target web application is vulnerable or not. The experimental results show that, by guiding the detection process with the useful collected information, our tool achieves great web vulnerability detection capability with a large scanning scope. |
| DOI | 10.1109/TrustCom50675.2020.00207 |
| Citation Key | chen_automatic_2020 |
An Automatic Vulnerability Scanner for Web Applications