Catalogue Search | MBRL
Explore the vast range of titles available.
121,278 result(s) for "Web Security"
Authorization and access control : foundations, frameworks, and applications
\"This book focuses on various authorization and access control techniques, threats and attack modelling including overview of open Authorization 2.0 (Oauth2.0) framework along with User managed access (UMA) and security analysis. Important key concepts are discussed on how to provide login credentials with restricted access to third parties with primary account as a resource server. Detailed protocol overview and authorization process along with security analysis of Oauth 2.0 is discussed in this book. This book also includes case studies of websites for vulnerability issues. Features : provides overview of security challenges of IoT and mitigation techniques with a focus on authorization and access control mechanisms, discusses behavioral analysis of threats and attacks using UML base modelling, covers use of Oauth2.0 Protocol and UMA for connecting web applications, includes Role Based Access Control (RBAC), Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Permission Based Access Control (PBAC). and explores how to provide access to third party web applications through resource server by use of secured and reliable Oauth2.0 framework. This book aims at researchers and professionals in IT Security, Auditing, and Computer Engineering\"-- Provided by publisher.
Hacking web apps : detecting and preventing web application security problems
by Shema, Mike in Application software, Application software -- Security measures, Computer crimes
2012
How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps. The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include: SQL Injection, Cross Site Scripting, Logic Attacks, Server Misconfigurations, Predictable Pages, Web of Distrust, Breaking Authentication Schemes, HTML5 Security Breaches, Attacks on Mobile Apps. Even if you don't develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked - as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser - sometimes your last line of defense - more secure.
More and more data, from finances to photos, is moving into web applications. How much can you trust that data to be accessible from a web browser anywhere and safe at the same time? Some of the most damaging hacks to a web site can be executed with nothing more than a web browser and a little knowledge of HTML. Learn about the most common threats and how to stop them, including HTML Injection, XSS, Cross Site Request Forgery, SQL Injection, Breaking Authentication Schemes, Logic Attacks, Web of Distrust, Browser Hacks and many more.
How to Attack and Defend Your Website
2014,2015
How to Attack and Defend Your Website is a concise introduction to web security that includes hands-on web hacking tutorials. The book has three primary objectives: to help readers develop a deep understanding of what is happening behind the scenes in a web application, with a focus on the HTTP protocol and other underlying web technologies; to.
Securing DevOps : security in the Cloud
Security teams need to adopt the techniques of DevOps and switch their focus from defending only the infrastructure to protecting the entire organization by improving it continuously. Securing DevOps explores how the techniques of DevOps and Security should be applied together to make cloud services safer. By the end of this book, readers will be ready to build security controls at all layers, monitor and respond to attacks on cloud services, and add security organization-wide through risk management and training.
Real-world bug hunting : a field guide to web hacking
\"Uses real-world bug reports (vulnerabilities in software or in this case web applications) to teach programmers and InfoSec professionals how to discover and protect vulnerabilities in web applications. Real-World Bug Hunting is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones. Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You'll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user's data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, as well as recommends hacking tools that can make the job a little easier\"-- Provided by publisher.
Web Security
2015
This book presents a comprehensive guide to web security and explains how companies can build a highly effective and sustainable security system. It reveals how hackers work and explains why companies of different scale require different security methodologies. With in-depth analysis of the reasons behind the choices, the book covers client script security, server applications security, and Internet company security operations. It also includes coverage of browser security, clickjacking, injection attacks, web frame security, leaks, transactions security, and security development lifecycle.
Internet of things for smart cities : technologies, big data and security
This book introduces the concept of smart city as the potential solution to the challenges created by urbanization. The Internet of Things (IoT) offers novel features with minimum human intervention in smart cities. This book describes different components of Internet of Things (IoT) for smart cities including sensor technologies, communication technologies, big data analytics and security.
Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks
2023
New techniques and tactics are being used to gain unauthorized access to the web that harm, steal, and destroy information. Protecting the system from many threats such as DDoS, SQL injection, cross-site scripting, etc., is always a challenging issue. This research work makes a comparative analysis between normal HTTP traffic and attack traffic that identifies attack-indicating parameters and features. Different features of standard datasets ISCX, CISC, and CICDDoS were analyzed and attack and normal traffic were compared by taking different parameters into consideration. A layered architecture model for DDoS, XSS, and SQL injection attack detection was developed using a dataset collected from the simulation environment. In the long short-term memory (LSTM)-based layered architecture, the first layer was the DDoS detection model designed with an accuracy of 97.57% and the second was the XSS and SQL injection layer with an obtained accuracy of 89.34%. The higher rate of HTTP traffic was investigated first and filtered out, and then passed to the second layer. The web application firewall (WAF) adds an extra layer of security to the web application by providing application-level filtering that cannot be achieved by the traditional network firewall system.
Journal Article