Analysis of Vulnerabilities in College Web-Based System

被引：0

作者：

Nam, Younsu ^{[1
]}

Choi, Sunoh ^{[1
]}

机构：

[1] Jeonbuk Natl Univ, Dept Software Engn, Jeonju 54896, South Korea

来源：

ELECTRONICS | 2024年 / 13卷 / 12期

基金：

新加坡国家研究基金会;

关键词：

web-based system; vulnerability analysis; source code; attack; API; ATTENDANCE;

D O I：

10.3390/electronics13122261

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Web-based systems are used extensively in Korea because web standards have been adapted by the law (e.g., Electronic Government Act). Users can easily access web-based systems if they are connected to the Internet. However, distinguishing between malicious and benign access is very difficult and many potential vulnerabilities exist. In this study, we attempt to leak the information of other users without permission using a non-encrypted API and web source code analysis in a college web-based system. An experiment demonstrates that the information (e.g., other students' course grades) can be leaked and abnormal data can be embedded in the request. In addition, we discuss methods for preventing such vulnerability attacks.

引用

页数：15

共 50 条

[1] A Web-Based Auxiliary Teaching System for College English
Min, Wang
[J]. MATHEMATICAL PROBLEMS IN ENGINEERING, 2022, 2022
[2] A Web-Based Auxiliary Teaching System for College English
Min, Wang
[J]. MATHEMATICAL PROBLEMS IN ENGINEERING, 2022, 2022
[3] Design of a Web-based Learning System in College English Teaching
Chen, Yaxuan
[J]. 2010 CONFERENCE ON HIGHER EDUCATION DEVELOPMENT, PROCEEDINGS, 2010, : 103 - 106
[4] Analysis of the UCD process of a web-based system
Ardito, Carmelo
Buono, Paolo
Costabile, Maria F.
Lanzilotti, Rosa
Piccinno, Antonio
Simeone, Adalberto L.
[J]. 16TH INTERNATIONAL CONFERENCE ON DISTRIBUTED MULTIMEDIA SYSTEMS (DMS 2010), 2010, : 180 - 185
[5] Web-based concession period analysis system
Zhang, Xueqing
[J]. EXPERT SYSTEMS WITH APPLICATIONS, 2011, 38 (11) : 13532 - 13542
[6] Web-based College English Diagnostic Practice and Test System Research
Zhang, Guanghua
[J]. AGRO FOOD INDUSTRY HI-TECH, 2017, 28 (03): : 2284 - 2288
[7] Study on Development of the Web-based College Sports Management System Software
Nie, Dongfeng
Du, Yun
[J]. ADVANCED MATERIALS AND INFORMATION TECHNOLOGY PROCESSING, PTS 1-3, 2011, 271-273 : 1020 - +
[8] A fine-grained classification and security analysis of web-based virtual machine vulnerabilities
Yilmaz, Fadi
Sridhar, Meera
Mohanty, Abhinav
Tendulkar, Vasant
Hamlen, Kevin W.
[J]. COMPUTERS & SECURITY, 2021, 105
[9] Web-based triage in a college health setting
Sole, ML
Stuart, PL
Deichen, M
[J]. JOURNAL OF AMERICAN COLLEGE HEALTH, 2006, 54 (05) : 289 - 294
[10] A reliable web-based system for hurricane analysis and simulation
Chen, SC
Hamid, S
Gulati, S
Zhao, N
Chen, M
Zhang, CC
Gupta, P
[J]. 2004 IEEE INTERNATIONAL CONFERENCE ON SYSTEMS, MAN & CYBERNETICS, VOLS 1-7, 2004, : 5215 - 5220

← 1 2 3 4 5 →