Technical gazette, Vol. 22 No. 2, 2015.
Original scientific paper
https://doi.org/10.17559/TV-20150310110158
Implementation and analysis of website security mining system, applied to universities' academic networks
Ying-Chiang Cho
; Department of Electrical Engineering, National Chung Cheng University, Chia-Yi 62102, Taiwan
Abstract
It is becoming increasingly common for web application and data storage services to be handled by cloud computing; therefore, more and more people are putting their private information on the internet, motivating research into cloud computing, database security and authority encryption. In the Open Web Application Security Project (OWASP) assessment, SQL injection is one of the most dangerous attack vectors in internet security. With this in mind, we have implemented a system named the website security mining system, which leverages a web crawling algorithm to analyze web URL and e-mail address leaks through black-box testing of 20 well-known universities’ websites. Based on our data, academic website maintainers can be clearly informed about what kind of danger they are exposed to, which URLs are highly in danger, and the need to patch the website to protect against vulnerabilities and prevent academic resources from attacks. We hope that in the future, academic networks will gain more attention in the information security community, just like commercial and government networks today.
Keywords
academic networks; black-box testing; database security; search engine; SQL injection
Hrčak ID:
138078
URI
Publication date:
22.4.2015.
Visits: 3.173 *