An Analysis of Software Security Attacks and Mitigation Controls
Автор:Natarajan Meghanathan,DeShante C. Johnson and Alexander R. Geoghegan Год: 2012 Издание:LAP Lambert Academic Publishing Страниц: 76 ISBN: 9783659309441 The security vulnerabilities hidden in software programs pose a major threat, on the computers and networks, when appropriately exploited by a malicious user. The vulnerabilities arise primarily due to the coding errors and/or flaws in the underlying platform. The book researches on the well-known coding and platform vulnerabilities related to the security of software programs and the attacks they lead to. Specifically, the following software security attacks are analyzed in detail: SQL injection attacks, Cross-site scripting (XSS) attacks, Cross-site request forgery (XSRF) attacks, and the Time-of-check-to-time-of-use (TOCTTOU) attacks. The book examines the vulnerabilities that lead to each of these attacks, illustrates real-time examples of implementing these attacks with step-by-step instructions, as well as explores the use of appropriate security controls to completely avoid or at least mitigate the attacks. In addition to analyzing the above attacks in detail, the book presents...
