Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor | Department of Computing | en_US |
| dc.creator | Li, Ka-wui | - |
| dc.identifier.uri | https://theses.lib.polyu.edu.hk/handle/200/5867 | - |
| dc.language | English | en_US |
| dc.publisher | Hong Kong Polytechnic University | - |
| dc.rights | All rights reserved | en_US |
| dc.title | Web vulnerabilities exploitation and prevention | en_US |
| dcterms.abstract | Modern web applications are not simple web pages that provide read only information, they provide graphical user interface through the recent improvement of presentation ability of web browsers, mimicking real desktop applications. Web applications are usually open to public Internet access, thousands of malicious users that try to probe for security holes and make use of them for stealing valuable private information. The purpose of this project is to review the security problems and their corresponding prevention techniques in modern web applications, a combination of security measures will be proposed, which web applications can be secured and be prepared for the future evolution of web attacks. Web attack methods like brute force attacks on system login pages, forgery web sites involved in online phishing, cross site scripting (XSS) and cross site request forgery (CSRF) attacks will be discussed in detail. Advanced real world attacks will be illustrated as case studies. A set of effective prevention counter measures and general secure web development policies will be proposed, then experiments will be done to test the effectiveness of the combination of web security techniques which provides the best value in terms of their effectiveness, costs of implementation and usability. The results of this project will become a guide of security which new web applications should basically implement, or as the basic standard for security review of existing web applications. | en_US |
| dcterms.extent | x, 142 leaves : ill. ; 31 cm. | en_US |
| dcterms.isPartOf | PolyU Electronic Theses | en_US |
| dcterms.issued | 2010 | en_US |
| dcterms.educationalLevel | All Master | en_US |
| dcterms.educationalLevel | M.Sc. | en_US |
| dcterms.LCSH | Hong Kong Polytechnic University -- Dissertations | en_US |
| dcterms.LCSH | Computer security | en_US |
| dcterms.LCSH | Computer networks -- Security measures | en_US |
| dcterms.LCSH | Privacy, Right of | en_US |
| dcterms.accessRights | restricted access | en_US |

Files in This Item:
| File | Description | Size | Format |
|---|---|---|---|
| b23910902.pdf | For All Users (off-campus access for PolyU Staff & Students only) | 4.62 MB | Adobe PDF |


Copyright Undertaking

As a bona fide Library user, I declare that:

  1. I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
  2. I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
  3. I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.

By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.


Please use this identifier to cite or link to this item: https://theses.lib.polyu.edu.hk/handle/200/5867