Analyzing Web Application Vulnerabilities of Educational Institutions in Bangladesh

dc.contributor.author: Karim, Mahbul
dc.contributor.author: Muntakim, Afia
dc.contributor.author: Zaman, Hridita Nur
dc.date.accessioned: 2023-04-05T08:01:50Z
dc.date.available: 2023-04-05T08:01:50Z
dc.date.issued: 2022-05-31
dc.description: Supervised by Mr. Ashraful Alam Khan, Assistant Professor, Co-Supervisor Mr. S.M. Sabit Bananee, Lecturer, Mr. Imtiaj Ahmed Chowdhury, Lecturer, Department of Computer Science and Engineering (CSE), Islamic University of Technology (IUT), Board Bazar, Gazipur-1704, Bangladesh. This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Software Engineering of Computer Science and Engineering department, 2022. [en_US]
dc.description.abstract: The biggest challenge we face today is web security. It is the fundamental framework for the global data society. People’s daily activities mostly depend on internet-based applications. No web application is free from threats and security issues. Clients and users make mistakes when interacting with web applications, which can lead to security issues. Besides, there are coding flaws and server misconfiguration issues which gradually lead to service failure or attacks on vulnerable information. Strong security in the web application is a vital need for online presence nowadays. Dealing with web security issues requires deep insight as there are a lot of tools available to detect vulnerabilities. Proper understanding and deep analysis are required to find the proper tool for this application. This study aims to detect vulnerabilities of the educational websites in Bangladesh and analyze which scanning tool provides more accurate results. For our analysis, we have used the two most prominent web application security scanners, Acunetix and Nikto. After scanning, many security issues and vulnerabilities were found. However, the most common vulnerabilities among all the websites were SQL injection, XSS, and Clickjacking. [en_US]
dc.identifier.uri: http://hdl.handle.net/123456789/1812
dc.language.iso: en [en_US]
dc.publisher: Department of Computer Science and Engineering (CSE), Islamic University of Technology (IUT), Board Bazar, Gazipur, Bangladesh [en_US]
dc.subject: SQL injection, XSS, Clickjacking, Acunetix, Nikto [en_US]
dc.title: Analyzing Web Application Vulnerabilities of Educational Institutions in Bangladesh [en_US]
dc.type: Thesis [en_US]

Files

Original bundle

Name: Karim_analyzing web application_fulltext.pdf
Size: 523.1 KB
Format: Adobe Portable Document Format
Description: Full text of the Thesis

Name: Karim_21%_turnitin similarity_ web application.pdf
Size: 197.78 KB
Format: Adobe Portable Document Format
Description: Turnitin report_21% similarity

Name: Karim_signature page.pdf
Size: 72.76 KB
Format: Adobe Portable Document Format
Description: Signature of authors and supervisors

License bundle

Name: license.txt
Size: 1.71 KB
Format: Item-specific license agreed upon to submission
