Title :
An Effect Evaluation Model for Vulnerability Testing of Web Application
Author :
Jing-Nong, Du ; Yan-Sheng, Lu
Author_Institution :
Coll. of Comput. Sci. & Technol., HuaZhong Univ. of Sci. & Technol., WuHan, China
Abstract :
In this paper, we propose a security evaluation model for the web application and define a security evaluation function based on the Analytic Hierarchy Process (AHP) to describe the model. We use the evaluation method proposed by this paper to evaluate the vulnerability test effect of a BBS application named IPB. The experiment result reveals that the evaluation value calculated by the security evaluation function is positively correlated with the number of vulnerabilities found in the security test. It proves that the security evaluation method proposed by this paper is practical and reliable.
Keywords :
Web services; decision making; security of data; testing; BBS application; IPB; Web application; analytic hierarchy process; invision power board; security evaluation function; vulnerability testing; Application software; Buffer overflow; Computer networks; Computer science; Computer security; Educational institutions; Electronic mail; File systems; Testing; Wireless communication; Analytic Hierarchy Process; security evaluation; vulnerability testing; web application;
Conference_Titel :
Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-4011-5
Electronic_ISBN :
978-1-4244-6598-9
DOI :
10.1109/NSWCTC.2010.94
