Web Application Vulnerabilities, Detection Mechanisms, and Defenses

Slides:



Advertisements
Similar presentations
Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Advertisements

Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!
SEC835 OWASP Top Ten Project.
A Demo of and Preventing XSS in.NET Applications.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.
Injection Attacks by Example SQL Injection and XSS Adam Forsythe Thomas Hollingsworth.
The 10 Most Critical Web Application Security Vulnerabilities
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
Workshop 3 Web Application Security Li Weichao March
Web Security Overview Lohika ASC team 2009
OWASP Zed Attack Proxy Project Lead
Cross-Site Scripting Vulnerabilities Adam Doupé 11/24/2014.
+ Websites Vulnerabilities. + Content Expand of The Internet Use of the Internet Examples Importance of the Internet How to find Security Vulnerabilities.
The OWASP Way Understanding the OWASP Vision and the Top Ten.
Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.
Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
Preventing Web Application Injections with Complementary Character Coding Raymond Mui Phyllis Frankl Polytechnic Institute of NYU Presented at ESORICS.
OWASP Top Ten #1 Unvalidated Input. Agenda What is the OWASP Top 10? Where can I find it? What is Unvalidated Input? What environments are effected? How.
SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.
The attacks ● XSS – type 1: non-persistent – type 2: persistent – Advanced: other keywords (, prompt()) or other technologies such as Flash.
Broken Authentication & Session Management. What is it ? Bad implementation of authentication and session management. If an attacker can get your session.
nd Joint Workshop between Security Research Labs in JAPAN and KOREA Marking Scheme for Semantic- aware Web Application Security HPC.
Web Applications Testing By Jamie Rougvie Supported by.
Building Secure Web Applications With ASP.Net MVC.
Deconstructing API Security
CS526Topic 12: Web Security (2)1 Information Security CS 526 Topic 9 Web Security Part 2.
Web Security Lesson Summary ●Overview of Web and security vulnerabilities ●Cross Site Scripting ●Cross Site Request Forgery ●SQL Injection.
Michael Dalton, Christos Kozyrakis, and Nickolai Zeldovich MIT, Stanford University USENIX 09’ Nemesis: Preventing Authentication & Access Control Vulnerabilities.
Mr. Justin “JET” Turner CSCI 3000 – Fall 2015 CRN Section A – TR 9:30-10:45 CRN – Section B – TR 5:30-6:45.
Copyright © The OWASP Foundation This work is available under the Creative Commons SA 2.5 license The OWASP Foundation OWASP Denver February 2012.
Writing secure Flex applications  MXML tags with security restrictions  Disabling viewSourceURL  Remove sensitive information from SWF files  Input.
Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.
ASP.NET 2.0 Security Alex Mackman CM Group Ltd
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
Do not try any of the techniques discussed in this presentation on a system you do not own. It is illegal and you will get caught.
Page 1 Ethical Hacking by Douglas Williams. Page 2 Intro Attackers can potentially use many different paths through your application to do harm to your.
SlideSet #20: Input Validation and Cross-site Scripting Attacks (XSS) SY306 Web and Databases for Cyber Operations.
SECURE DEVELOPMENT. SEI CERT TOP 10 SECURE CODING PRACTICES Validate input Use strict compiler settings and resolve warnings Architect and design for.
Web Security (cont.) 1. Referral issues r HTTP referer (originally referrer) – HTTP header that designates calling resource  Page on which a link is.
Web Application Security
Group 18: Chris Hood Brett Poche
Web Application Vulnerabilities
An Introduction to Web Application Security
Securing Your Web Application in Azure with a WAF
TOPIC: Web Security (Part-4)
World Wide Web policy.
Security in Django.
API Security Auditing Be Aware,Be Safe
Vulnerability Chaining Every Low Issue Has its big impact
Penetration Testing following OWASP
What is REST API ? A REST (Representational State Transfer) Server simply provides access to resources and the REST client accesses and presents the.
Marking Scheme for Semantic-aware Web Application Security
1. ASSOCILATE DEGREE PROGRAM Application Attacks SUBMITTED TO: Fatima Ashiq SUBMITTED By: University Of Central Punjab Farooq Sardar (V1F16ASOC0012) Adnan.
An Introduction to Web Application Security
امنیت نرم‌افزارهای وب تقديم به پيشگاه مقدس امام عصر (عج) عباس نادری
CSC 495/583 Topics of Software Security Intro to Web Security
WWW安全 國立暨南國際大學 資訊管理學系 陳彥錚.
Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems
Exploring DOM-Based Cross Site Attacks
Presentation transcript:

Web Application Vulnerabilities, Detection Mechanisms, and Defenses Shamaria Engram University of South Florida Systems Security

Outline Web Application Vulnerabilities Injection Detection Mechanisms Defenses Broken Authentication and Session Management Cross-Site Scripting

Top 10 Web Application Vulnerabilities Injection Broken Authentication and Session Management Cross-Site Scripting Insecure Direct Object References Security Misconfiguration Sensitive Data Exposure Missing Function Level Access Control Cross-Site Request Forgery (CSRF) Using Known Vulnerable Components Unvalidated Redirects and Forwards

Injection OS Can include calls to the operating system via system calls LDAP Lightweight Directory Access Protocol Runs over internet transport protocols such as TCP Similar to SQL Injection SQL One of the most widespread injection attacks

LDAP & SQL Injection

Detection Mechanisms for Injection Attacks Compare user input with possible known attack patterns Reconstruct all user supplied input into a known safe input Mechanisms that learn normal database accesses

Defenses against Injection Defensive programming Fault injection/Fuzzying testing Input Validation Dynamic Checks and Static Source Code Analysis Filter variables before constructing queries to be executed by server or database Validate outgoing data Restrict the access level of the web application to the minimum required

Broken Authentication and Session Management A vulnerability as a result of incorrectly implemented application functions for authentication or session management allowing attackers to masquerade as an authorized user Most common authentication method for web applications are usernames and passwords that generate session IDs upon successful login Vulnerable application components Unencrypted connection Predictable login credentials Session ID value does not timeout or does not become invalid after logging out User authentication credentials are not protected when stored Session ID values are used in the URL

Detection Mechanisms for Broken Authentication and Session Management Hard to detect an attack as it is happening Web applications are tested thoroughly before deployment

Defenses against Broken Authentication and Session Management Encrypt all connections between client and web server Enforce strong passwords and unpredictable usernames Session ID should be valid only for a certain amount of time and should become invalid after logging out Salt, hash, and encrypt all stored user credentials Avoid including session ids in the URL

Cross-Site Scripting Attacks Common attack method that involves injecting malicious code into a vulnerable web application Two types: Stored and Reflected

Stored Cross-Site Scripting Attack

Reflected Cross-Site Scripting Attack

Detection Mechanisms for Cross-Site Scripting Attacks String Analysis E.g., Check the source code for the script tag Bounded Model Checking E.g., Satisfiability states Fault Injection E.g., Fuzzy testing Taint Propagation E.g., data flow analysis Comparing User Input with Known Untrusted Scripts

Detection Mechanisms for Cross-Site Scripting Attacks Browser-Enforced Embedded Policies Syntactic Structure Analysis Lattice Based Approach Proxy Based Approach And Many More…

Defenses against Cross-Site Scripting Attacks Properly escape all untrusted data based on the HTML context Validate the length, characters, format, and business rules on the data before accepting the input Use auto-sanitization libraries such as OWASP’s AntiSamy or the Java HTML Sanitizer Project Content Security Policy (CSP) to defend against XSS

Thank you! Questions

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.