{"id":"https://openalex.org/W2508461527","doi":"https://doi.org/10.1109/dictap.2016.7544004","title":"Assessment of vulnerabilities of web applications of Bangladesh: A case study of XSS & CSRF","display_name":"Assessment of vulnerabilities of web applications of Bangladesh: A case study of XSS & CSRF","publication_year":2016,"publication_date":"2016-07-01","ids":{"openalex":"https://openalex.org/W2508461527","doi":"https://doi.org/10.1109/dictap.2016.7544004","mag":"2508461527"},"language":"en","primary_location":{"id":"doi:10.1109/dictap.2016.7544004","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dictap.2016.7544004","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 Sixth International Conference on Digital Information and Communication Technology and its Applications (DICTAP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018816203","display_name":"Tanjila Farah","orcid":null},"institutions":[{"id":"https://openalex.org/I157386601","display_name":"North South University","ror":"https://ror.org/05wdbfp45","country_code":"BD","type":"education","lineage":["https://openalex.org/I157386601"]}],"countries":["BD"],"is_corresponding":true,"raw_author_name":"Tanjila Farah","raw_affiliation_strings":["Dept. of ECE, North South University, Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Dept. 
of ECE, North South University, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I157386601"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046393634","display_name":"Moniruzzaman Shojol","orcid":null},"institutions":[{"id":"https://openalex.org/I200606013","display_name":"Daffodil International University","ror":"https://ror.org/052t4a858","country_code":"BD","type":"education","lineage":["https://openalex.org/I200606013"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Moniruzzaman Shojol","raw_affiliation_strings":["Dept. of Software Engineering, Daffodil International University, Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Dept. of Software Engineering, Daffodil International University, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I200606013"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101974080","display_name":"Md. Maruf Hassan","orcid":"https://orcid.org/0000-0002-4475-2664"},"institutions":[{"id":"https://openalex.org/I200606013","display_name":"Daffodil International University","ror":"https://ror.org/052t4a858","country_code":"BD","type":"education","lineage":["https://openalex.org/I200606013"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Maruf Hassan","raw_affiliation_strings":["Dept. of Software Engineering, Daffodil International University, Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Dept. 
of Software Engineering, Daffodil International University, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I200606013"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038774788","display_name":"Delwar Alam","orcid":null},"institutions":[{"id":"https://openalex.org/I200606013","display_name":"Daffodil International University","ror":"https://ror.org/052t4a858","country_code":"BD","type":"education","lineage":["https://openalex.org/I200606013"]}],"countries":["BD"],"is_corresponding":false,"raw_author_name":"Delwar Alam","raw_affiliation_strings":["Dept. of Software Engineering, Daffodil International University, Dhaka, Bangladesh"],"affiliations":[{"raw_affiliation_string":"Dept. of Software Engineering, Daffodil International University, Dhaka, Bangladesh","institution_ids":["https://openalex.org/I200606013"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5018816203"],"corresponding_institution_ids":["https://openalex.org/I157386601"],"apc_list":null,"apc_paid":null,"fwci":4.6443,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.95077469,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"74","last_page":"78"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security 
Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9941999912261963,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.9847366809844971},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6738911867141724},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6642508506774902},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5705234408378601},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.559586226940155},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.531234085559845},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.5219154357910156},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure 
coding","score":0.4957667291164398},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.33858439326286316},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.2963023781776428},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.16422107815742493},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.16223442554473877},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.09776920080184937}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.9847366809844971},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6738911867141724},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6642508506774902},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5705234408378601},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.559586226940155},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.531234085559845},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.5219154357910156},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure 
coding","level":5,"score":0.4957667291164398},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.33858439326286316},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.2963023781776428},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.16422107815742493},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.16223442554473877},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.09776920080184937},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/dictap.2016.7544004","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dictap.2016.7544004","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2016 Sixth International Conference on Digital Information and Communication Technology and its Applications (DICTAP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong 
institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W1985998952","https://openalex.org/W2037314660","https://openalex.org/W2048406491","https://openalex.org/W2153106208","https://openalex.org/W2167752994","https://openalex.org/W2292640533","https://openalex.org/W2536861624","https://openalex.org/W2796196665","https://openalex.org/W6750254216"],"related_works":["https://openalex.org/W2150889667","https://openalex.org/W3190536237","https://openalex.org/W2070218579","https://openalex.org/W2314230716","https://openalex.org/W2547817202","https://openalex.org/W2164582878","https://openalex.org/W2188829598","https://openalex.org/W331060086","https://openalex.org/W3156816392","https://openalex.org/W4312473963"],"abstract_inverted_index":{"In":[0,140],"a":[1,196,203],"sophisticated":[2],"and":[3,29,47,70,74,100,117,125,147,174,194,202],"coordinated":[4],"cyber-attack":[5],"$100":[6],"million":[7],"has":[8],"been":[9],"stolen":[10],"from":[11,86],"Bangladesh's":[12],"account.":[13],"Attackers":[14],"introduced":[15],"malicious":[16],"code":[17],"remotely":[18],"into":[19],"the":[20,31,65,77,94,98,105,119,130,133,152,160,183,188,192,199,206],"Bangladesh":[21,66,123,137,161],"Bank's":[22],"server,":[23],"which":[24,56],"allowed":[25],"them":[26],"to":[27,38,62,128,145,178],"process":[28],"authorize":[30],"transactions.":[32],"Advanced":[33],"attack":[34],"techniques":[35,58],"poses":[36],"threats":[37],"all":[39],"web":[40,80,101,120,165,208],"application":[41,81],"systems.":[42],"Cross":[43,48],"Site":[44,49],"Scripting":[45],"(XSS)":[46],"Request":[50],"Forgery":[51],"(CSRF)":[52],"are":[53,60,72],"two":[54],"vulnerabilities":[55,82,153,176],"have":[57,112],"that":[59],"similar":[61,155],"those":[63],"of":[64,76,104,107,132,151,154,159,167,198],"Bank":[67,138,162],"heist.":[68,139],"XSS":[69,173],"CSRF":[71,175],"third":[73],"eighth":[75],"top":[78],"te
n":[79],"on":[83,164,172,182],"OWASP":[84,184],"list":[85],"2013":[87],"till":[88],"now.":[89],"Both":[90],"these":[91,108,158],"attacks":[92,134,156],"violate":[93],"users":[95],"trust":[96],"for":[97,205],"websites":[99],"browsers.":[102],"Because":[103],"severity":[106,131],"vulnerabilities,":[109],"security":[110],"specialists":[111],"always":[113],"shared":[114],"their":[115,179],"concern":[116],"warned":[118],"developers.":[121,209],"Yet":[122],"government's":[124],"developers'":[126],"reluctance":[127],"address":[129],"resulted":[135],"in":[136],"this":[141],"paper,":[142],"we":[143],"aim":[144],"study":[146],"conduct":[148],"an":[149],"investigation":[150,193],"as":[157],"heist":[163],"applications":[166],"Bangladesh.":[168],"We":[169,186],"would":[170],"focus":[171],"due":[177],"high":[180],"ranking":[181],"list.":[185],"analyze":[187],"data":[189],"collected":[190],"during":[191],"provide":[195],"summary":[197],"current":[200],"state":[201],"guideline":[204],"future":[207]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":3},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}
