Quantifying the attack surface of a web application

dc.contributor.author: Heumann, Thomas
dc.contributor.author: Keller, Jörg
dc.contributor.author: Türpe, Sven
dc.contributor.editor: Freiling, Felix C.
dc.date.accessioned: 2019-01-17T13:26:54Z
dc.date.available: 2019-01-17T13:26:54Z
dc.date.issued: 2010
dc.description.abstract: The attack surface of a system represents the exposure of application objects to attackers and is affected primarily by architecture and design decisions. Given otherwise consistent conditions, reducing the attack surface of a system or an application is expected to reduce its overall vulnerability. So far, only systems have been considered but not single applications. As web applications provide a large set of applications built upon a common set of concepts and technologies, we choose them as an example, and provide qualitative and quantitative indicators. We propose a multidimensional metric for the attack surface of web applications, and discuss the rationale behind. Our metric is easy to use. It comprises both a scalar numeric indicator for easy comparison and a more detailed vector representation for deeper analysis. The metric can be used to guide security testing and development. We validate the applicability and suitability of the metric with popular web applications, of which knowledge about their vulnerability already exists. [en]
dc.identifier.isbn: 978-3-88579-264-2
dc.identifier.pissn: 1617-5468
dc.identifier.uri: https://dl.gi.de/handle/20.500.12116/19791
dc.language.iso: en
dc.publisher: Gesellschaft für Informatik e.V.
dc.relation.ispartof: Sicherheit 2010. Sicherheit, Schutz und Zuverlässigkeit
dc.relation.ispartofseries: Lecture Notes in Informatics (LNI) - Proceedings, Volume P-170
dc.title: Quantifying the attack surface of a web application [en]
dc.type: Text/Conference Paper
gi.citation.endPage: 316
gi.citation.publisherPlace: Bonn
gi.citation.startPage: 305
gi.conference.date: 5-7 October 2010
gi.conference.location: Berlin
gi.conference.sessiontitle: Regular Research Papers

Files

Original bundle
1 - 1 of 1
Name: 305.pdf
Size: 171.84 KB
Format: Adobe Portable Document Format