Open AccessAnalysis of Vulnerability Detection Tool for Web Services
Author(s) -
Senthamil Preethi K,
A. Murugan
Publication year - 2018
Publication title -
international journal of engineering and technology
Language(s) - English
Resource type - Journals
ISSN - 2227-524X
DOI - 10.14419/ijet.v7i3.12.16499
Subject(s) - computer science , benchmarking , vulnerability (computing) , web service , web application security , cross site scripting , web application , vulnerability assessment , service (business) , workload , task (project management) , world wide web , database , computer security , web development , operating system , engineering , systems engineering , psychology , economy , marketing , psychological resilience , economics , business , psychotherapist
The demand of the web services requirement is increasing day by day, because of this the security of the web services was under risk. To prevent from distinct types of attacks the developer needs to select the vulnerability detection tools, since many tools are available in the market the major challenging task for the developer to find the best tool which suitable for his application requirements. The recent study shows that many vulnerability detection tools provide a low coverage as far as vulnerability detection and higher false positive rate. In this paper, proposed a benchmarking method to accessing and comparing the efficiency of vulnerability detection tools in the web service environment. This method was used to illustrate the two benchmarks for SQL injection and cross site scripting. The first one is depending on predefined set of web services and next one permits user to identify the workload (User defined web services). Proposed system used the open source and commercial tools to test the application with benchmarking standards. Result shows that the benchmarks perfectly depict the efficiency of vulnerability detection tools.