Today’s dynamic web-based applications have become a normal and critical asset to an organizations business. They come with an increase in the number of web vulnerabilities and attacks. These weaknesses allow hackers to focus their attention on attacking this important information source. The most common vulnerability is cross-site scripting (XSS) and one of the Open Web Application Security pr...

Web Applications provide wide range of services to its users in an efficient manner. Web based attacks are increasing with the intent to harm the users or the reputation of particular organization. Most of these attacks occur through the exploitation of security vulnerabilities found in web applications. These vulnerabilities exists because developer focuses more on the development of the appli...

This reports presents a runtime solution to a range of Web application security vulnerabilities. The solution we proposes called SecuriFly consists of instrumenting the application to precisely track the flow of data. When a potential vulnerability is observed, the application is either terminated to prevent the vulnerability from being exploited or special recovery code is executed and the app...

Several Generic Security Service Application Program Interface (GSS-API) applications work in a multi-tiered architecture, where the server takes advantage of delegated user credentials to act on behalf of the user and contact additional servers. In effect, the server acts as an agent on behalf of the user. Examples include web applications that need to access e-mail or file servers, including ...

A nanopublication represents the smallest unit of publishable information. This schema enhances attribution and ownership of specific data elements. With these guidelines for relating atomic data with its authors, accessing and exchanging knowledge becomes a more streamlined process. Nanopublications are particularly relevant in the scientific domain, where scientific publication, validation an...

Although the semantic web standards are established, applications and uses of the data are relatively limited. This is partly due to high learning curve and efforts demanded in building semantic web and ontology-based applications. In this paper, we describe an ontology application management framework that aims to simplify creation and adoption of a semantic web application. The framework supp...

Purpose – The paper aims to describe a proof of concept web application designed to allow users to search for library materials with geographic subject headings using Google Maps as the primary interface for navigation. The purpose of the paper is to describe the development of an innovative tool that one library has created to provide users with a new way to access bibliographic records. Desig...

The large-scale deployment of modern phishing attacks relies on the automatic exploitation of vulnerable websites in the wild, to maximize profit while hindering attack traceability, detection and blacklisting. To the best of our knowledge, this is the first work that specifically leverages this adversarial behavior for detection purposes. We show that phishing webpages can be accurately detect...

Web application security is a critical issue. Security concerns are often scattered through different parts of the system. Aspect oriented programming is a programming paradigm that provides explicit mechanisms to modularize these concerns. In this paper we present an Aspect Oriented system for detecting and prevent common attacks in web applications like Cross Site Scripting (XSS) and SQL Inje...

Struts is currently a prevalent Web application development framework based on MVC. It has prominence in the open, large and extensible J2EE-based Web application development. Through combining the actual operation process of E-commerce enterprise with the developed requirement, this paper categorically analyses MVC actual implementation technology, analyses and describes the Struts framework. ...