Javier's Blog

Mostly computers and other tech stuff,...

Wednesday, April 14, 2010

Web Frameworks and Internet Security, a Thesis

Again, hopefully someone will find this useful.

Web Frameworks and Internet Security

The Internet is arguably the single most influential technology we have seen in the
last two decades. Our increasing dependence on the Internet and Web applications subjects us to attacks that are commonly misunderstood. Presented are the most common Web application vulnerabilities and the necessary mechanisms within Web frameworks that aid in protecting private data. The security mechanisms that aid in preventing Web based attacks are closely studied within this paper. Also, studied are the pitfalls encountered by developers when building Web applications and the ease with which framework security mechanisms can be applied to protect against known vulnerabilities.

Get the full paper here and feel free to leave comments below.

Evolutionary Fuzzing System

Just thought I should post this before it disappears into the void that is my backups...

Evolutionary Fuzzing System is a pretty cool concept pioneered by Jared D. DeMott, et al, this paper shows a bit different approach to DeMott's using GPF (General Purpose Fuzzer) as a proof of concept.

Get the paper here: Evolutionary Fuzzing System
Get the modified GPF here: GPF-Mutate

Abstract: Evolutionary Negative Testing is an increasingly popular method for testing software whose source code may not be available. One of the first tools of this kind is the Evolutionary Fuzzing System. This paper presents an addition to the system called Mutation Reliant Evolutionary Fuzzer and explores possibilities for increasing code coverage and vulnerability discovery.