Мақола

Detecting Common Injection-Based Vulnerabilities in Web-Applications

Mohd DanishAmity University Noida,Amity School of Engineering and Technology,Noida,IndiaAbhinav Sushil VarshneyAmity University Noida,Amity School of Engineering and Technology,Noida,IndiaVivek JangraAmity University Noida,Amity School of Engineering and Technology,Noida,IndiaSunil Kumar ChowdharyGalgotias University,School of Computer Science and Engineering,Greater Noida,IndiaNidhi Sindhwani AnandAmity University Noida,Amity Institute of Information Technology,Noida,IndiaRamnaresh YadavAmity University Tashkent,Department of IT,Tashkent,Uzbekistan

2026

ABI

Аннотация

The research paper showcases a general method of detecting injection based vulnerabilities in the web applications. These type of vulnerabilities allows the attackers to manipulate various parameters leading to theft of data, identity fraud as well as system compromise. The key types of injections include SQL Injection, Cross-Site Scripting XSS and Command Injection. The currently available tools often fail to detect all three of these or are too costly. The technique mentioned herein the paper detects all these injection flaws by comparing both the application’s response as well as the behaviour before and after sending a crafted payload. By conducting experiments on multiple vulnerable web apps it was seen that our method outperforms both open-source tools as well as rivals that of commercial ones and thus achieving broad detection coverage with very few false positives.

Ҳали таржима қилинмаган

Мавзулар

Web Application Security Vulnerabilities Information and Cyber Security Security and Verification in Computing

Идентификаторлар

DOI: 10.1109/icasst68917.2026.11484446

Иқтибослар ва манбалар

0 та иқтибос9 та фойдаланилган манба

Кўрсаткичлар — AkademScholar