loading
Papers

Research.Publish.Connect.

Paper

Authors: Lyazzat Atymtayeva 1 ; Serik Nurmyshev 2 and Gulfarida Tulemissova 3

Affiliations: 1 Kazakh-British Technical University , Department of Information Systems Management, Kazakhstan ; 2 Kazakh-British Technical University, KBTU, Kazakhstan ; 3 Distance Learning Institute, Satpayev Kazakh National Research Technical University, KazNRTU, Kazakhstan

ISBN: 978-989-758-238-7

Keyword(s): Active Information Security Audit, Vulnerability Scanners, Intelligent Approach, Fuzzy Expert Systems, Information Security Audit, Fuzzy Data Management.

Abstract: Currently we observe increasing popularity of web technology that allows for reflecting traditional businesses into web-based applications (web applications, for short). Such web applications are often interesting to hackers aiming at stealing (confidential) user information; they would use such information for personal gain. For providing the enough security level of computer and information systems the companies should be interested in the regular information security active auditing. This process often accompanies the checking and control of the security systems of enterprises but it is usually expensive by finance, time and human resources consuming. The one of the tools for active security audit is the using of vulnerability scanners especially for web applications security assessment. During the process of the web applications checking the vulnerability scanners discover a lot of bugs in applications security system and inform the users (auditors) by providing the list of vulner abilities. Despite of the various types of vulnerability scanners only few of them may contain the intelligent tools which can facilitate the auditing process. Therefore, there is a high demand for the development of intelligent security scanners that are compliant with the de facto security standard of OWASP - the Open Web Application Security Project. We argue that embedding intelligent tools (expert systems) in such vulnerability scanners would not only increase effectiveness but would also decrease the cost of an OWASP auditing process. We can claim that using fuzzy sets and logic theories may facilitate this process in terms of processing that concerns the human expert contributions. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.209.80.87

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Atymtayeva L.; Nurmyshev S.; Tulemissova G. and (2017). An Intelligent Approach and Data Management in Active Security Auditing Processes for Web Based Applications.In Proceedings of the Seventh International Symposium on Business Modeling and Software Design - Volume 1: BMSD, ISBN 978-989-758-238-7, pages 136-145. DOI: 10.5220/0006528201360145

@conference{bmsd17,
author={Lyazzat Atymtayeva and Serik Nurmyshev and Gulfarida Tulemissova},
title={An Intelligent Approach and Data Management in Active Security Auditing Processes for Web Based Applications},
booktitle={Proceedings of the Seventh International Symposium on Business Modeling and Software Design - Volume 1: BMSD,},
year={2017},
pages={136-145},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006528201360145},
isbn={978-989-758-238-7},
}

TY - CONF

JO - Proceedings of the Seventh International Symposium on Business Modeling and Software Design - Volume 1: BMSD,
TI - An Intelligent Approach and Data Management in Active Security Auditing Processes for Web Based Applications
SN - 978-989-758-238-7
AU - Atymtayeva, L.
AU - Nurmyshev, S.
AU - Tulemissova, G.
PY - 2017
SP - 136
EP - 145
DO - 10.5220/0006528201360145

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.