Research and Implementation of Security Vulnerability Detection in Application System of WEB Static Source Code Analysis Based on JAVA

  • Conference paper
Cyber Security Intelligence and Analytics (CSIA 2019)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 928)

Abstract

With the rapid development of Internet technology, Web applications are widely used in all walks of life, and their security requirements are increasing. Unfortunately, the development of Web security technology still lags behind the development of Web application technology itself. Web applications and their operating environments remain relatively fragile, and the operating environment is easily forged or modified, so Web applications have gradually become the target of malicious attacks and are attacked frequently. This paper investigates and analyzes the common vulnerabilities in Web applications, studies the basic characteristics of these vulnerabilities in depth, and explains their principles and solutions. Static analysis is used to analyze these vulnerabilities and to address security vulnerabilities in a Java Web project.

Corresponding author

Correspondence to Hui Yuan.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Yuan, H., Zheng, L., Dong, L., Peng, X., Zhuang, Y., Deng, G. (2020). Research and Implementation of Security Vulnerability Detection in Application System of WEB Static Source Code Analysis Based on JAVA. In: Xu, Z., Choo, KK., Dehghantanha, A., Parizi, R., Hammoudeh, M. (eds) Cyber Security Intelligence and Analytics. CSIA 2019. Advances in Intelligent Systems and Computing, vol 928. Springer, Cham. https://doi.org/10.1007/978-3-030-15235-2_66
