Palabras Claves-Vulnerabilidades, OWASP, ataques web, PHP, programación segura, seguridad web.Abstract-Currently, most web applications contain security vulnerabilities. Probably, it is due to lack of culture of the developers or the absence of specific coding techniques. We analyzed certain works related, but we consider that they do not define detailed programming techniques, nor do they focus on a specific programming language. This work proposes a set of secure programming techniques to reduce vulnerabilities in web applications using the PHP. For this, ten vulnerabilities were determined using the OWASP TOP-10 recommendations. Then, the seven techniques are presented and their respective way of implementing them. The techniques are validated; the vulnerabilities of a web application are measured in two scenarios; with and without the implementation of the proposed techniques. The results show that the use of the proposed techniques is significantly related to the number of vulnerabilities found and therefore improves the level of security of web applications.
This work proposes a methodology for the implementation of a set of rules and filters applied on a Gateway to mitigate the main cyberattacks originated through emails, such as: malware, spam, phishing, and includes information leakage. Through a comparative analysis of the tools that face these cyberattacks, ”Proxmox Email Gateway” is selected to be implemented in two test scenarios, the first without applying the methodology, and the second with its application, in which several Controlled cyberattacks of each of those previously defined. According to data obtained from the test scenarios, it was found that the application of this set of rules reduces cyberattacks by 38.75%, and with the statistical chi-square test with a confidence level of 95% it is shown that the set of filters and elaborate rules applied on a Gateway if it reduces the percentage of the amount of cyberattacks originated through e-mail.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.