International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
Volume 182 - Issue 25 |
Published: Nov 2018 |
Authors: Richard Amankwah, Patrick Kwaku Kudjo, Beatrice Korkor Agyemang, Kofi Mensah, Bright Brew, Samuel Yeboah Antwi |
![]() |
Richard Amankwah, Patrick Kwaku Kudjo, Beatrice Korkor Agyemang, Kofi Mensah, Bright Brew, Samuel Yeboah Antwi . An Integrated Approach for Detecting Security Vulnerabilities in Web Applications: A Theoretical Perspective. International Journal of Computer Applications. 182, 25 (Nov 2018), 16-20. DOI=10.5120/ijca2018918079
@article{ 10.5120/ijca2018918079, author = { Richard Amankwah,Patrick Kwaku Kudjo,Beatrice Korkor Agyemang,Kofi Mensah,Bright Brew,Samuel Yeboah Antwi }, title = { An Integrated Approach for Detecting Security Vulnerabilities in Web Applications: A Theoretical Perspective }, journal = { International Journal of Computer Applications }, year = { 2018 }, volume = { 182 }, number = { 25 }, pages = { 16-20 }, doi = { 10.5120/ijca2018918079 }, publisher = { Foundation of Computer Science (FCS), NY, USA } }
%0 Journal Article %D 2018 %A Richard Amankwah %A Patrick Kwaku Kudjo %A Beatrice Korkor Agyemang %A Kofi Mensah %A Bright Brew %A Samuel Yeboah Antwi %T An Integrated Approach for Detecting Security Vulnerabilities in Web Applications: A Theoretical Perspective%T %J International Journal of Computer Applications %V 182 %N 25 %P 16-20 %R 10.5120/ijca2018918079 %I Foundation of Computer Science (FCS), NY, USA
Software security vulnerability is a flaw in a software product that could compromise the integrity, availability, or confidentiality of a software system. The growth and development of software have brought about a corresponding increase in vulnerabilities, which has necessitated the need to develop software security assurance tool that can detect and prevent these vulnerabilities. Previous studies have suggested both commercial and open source tools such as Ashcan, Web Inspect, Web King, Skipfish, and OWASP ZAP just to mention but a few to help mitigate against this security gaps. However, each of this approach has its merits and demerits in detecting vulnerabilities. As a result, this paper seeks to develop a more proactive approach which is a merger or integration of the strength of existing techniques into one system: An integrated web vulnerability detector scanner: which is a software assurance tool for detecting vulnerabilities in web application. The analysis involves presenting a general overview of web application, web application scanners and web application vulnerabilities. Lastly, we present the theoretical framework for detecting web application vulnerabilities based on the proposed model. The preliminary findings show that the concept is feasible within the domain of vulnerability detection