Agent-based Vulnerability Assessment of Government Web Applications

Citation:
Wekesa B, Miriti E, Moturi CA. "Agent-based Vulnerability Assessment of Government Web Applications." NNGT Int. J. on Internet and Web Applications. 2015;2( International Journals of N&N Global Technology(IJNNGT)):1-6.

Abstract:

While most governments, including the government of Kenya, have improved their performance through allowing more information exchange using web support, there is increased spread of information crimes targeting government web applications. Structured Query Language (SQL) injection and Cross Site Scripting attack (XSS) are ranked as the two top most vulnerability attacks by the Open Web Application Security Project (OWASP) top 10, 2013 vulnerability list. Recently there have been massive attacks on a number of websites including the government of Kenya. Agent orientation is emerging as a dominant research area and as a new paradigm in provision of solutions to problems. Agents provide developers and designers with a way of structuring applications around autonomous and communicative elements. In this paper, we present a solution that uses multi-agents to detect both SQL injection and XSS attacks vulnerabilities on web applications. The system has been developed using Java programming language and Prometheus methodology as an Agent Oriented Software. It will specifically target websites in development environment
for testing the vulnerabilities before being hosted in the production environment. We have also incorporated the testing of already hosted websites for the two vulnerabilities. The proposed system will help web developers and owners of websites to fix the vulnerabilities and enhance the entire security.

UoN Websites Search