Skip to main content
SpringerLink
Log in

A Study of International Trend Analysis on Web Service Vulnerabilities in OWASP and WASC

  • Conference paper
Advances in Information Security and Assurance (ISA 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5576))

Included in the following conference series:

Abstract

All projects conducted in both the OWASP (Open Web Application Security Project) and the WASC (Web Application Security Consortium) are open-projects in which a company and an individual have voluntarily participated with a vision for web application security. Specifically, these open type projects have studied the web application vulnerabilities and thus have provided their results. Therefore, all these projects can be considered as very influential open-projects. This paper will examine overall introduction of the OWASP and the WASC and then, the major features of their different projects which have been currently conducting as analyzing the similarities and differences between the OWASP and the WASC. Based on the results, the study may suggest a type of synergetic effects from their cooperative work. Finally, with related to the web application security area, this research will discuss about the latest trends in industrial as well academic fields and further directions toward its development.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. OWASP (Open Web Application Security Project), http://www.owasp.org

  2. WASC (Web Application Security Consortium), http://webappsec.org

  3. Kim, S.: A Study of Web Application Attack Detection extended ESM Agent. J. Korea Society Computer & Information 12(1), 161–168 (2008)

    Google Scholar 

  4. Chang, M., Oh, C.: Web Application Attack Prevention by Traffic Analysis. J. Korea Society Computer & Information 13(3), 139–146 (2008)

    Google Scholar 

  5. Jacobs, F., Joosen, B.: Software Security: Experiments on the.NET Common Language Run-time and the Shared Source Common Language Infrastructure. Software: IEE Proceedings 150(5), 303–307 (2003)

    Google Scholar 

  6. Vanden-Berghe, C., Piessens, F., Riordan, J.: A Vulnerability Taxonomy Methodology applied to the Web Services. In: Proc. the 10th Nordic Workshop on Secure IT Systems (2005)

    Google Scholar 

  7. Benjamin-Livshits, V., Monica, S.: Finding Security Vulnerabilities in Java Applications with Static Analysis. Technical Report, Dept. Computer Science, Stanford University (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Halla University, San 66, Heungup-Li, Heungup-myon, Wonju-shi, Kangwon-do, Korea

    Soonseok Kim

  2. Department of English, Halla University, San 66, Heungup-Li, Heungup-myon, Wonju-shi, Kangwon-do, Korea

    Haeyoung Han

  3. IT Infrastructure Protection Division, Korea Information Security Agency, Korea IT Venture Tower, Jungdaero 135, Songpa-gu, Seoul, Korea

    Donghwi Shin, Inkyung Jeun & HyunCheol Jeong

Authors
  1. Soonseok Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haeyoung Han
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Donghwi Shin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Inkyung Jeun
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. HyunCheol Jeong
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Engineering Department, Kyungnam University, 449, Wolyong-dong, 631-701, Kyungnam, Masan, Korea

    Jong Hyuk Park

  2. Institute of Communications Engineering, National Sun Yat-Sen University, Kaohsiung City, Taiwan

    Hsiao-Hwa Chen

  3. School of Computer Science,, University of Oklahoma, 200 Felgar Street, 73019, P.O. Box, Norman, OK, USA

    Mohammed Atiquzzaman

  4. School of Computer Engineering, Hanshin University, Kyeong-Gi, Osan, Korea

    Changhoon Lee

  5. Division of Multimedia, Hannam University, Daejeon, Korea

    Tai-hoon Kim

  6. Division of Computer Engineering, Mokwon University, Daejeon, Korea

    Sang-Soo Yeo

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, S., Han, H., Shin, D., Jeun, I., Jeong, H. (2009). A Study of International Trend Analysis on Web Service Vulnerabilities in OWASP and WASC. In: Park, J.H., Chen, HH., Atiquzzaman, M., Lee, C., Kim, Th., Yeo, SS. (eds) Advances in Information Security and Assurance. ISA 2009. Lecture Notes in Computer Science, vol 5576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02617-1_80

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-02617-1_80

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-02616-4

  • Online ISBN: 978-3-642-02617-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation