{"id":"https://openalex.org/W4214947963","doi":"https://doi.org/10.1109/imcom53663.2022.9721750","title":"Descriptive Analysis of Built-in Security Features in Web Development Frameworks","display_name":"Descriptive Analysis of Built-in Security Features in Web Development Frameworks","publication_year":2022,"publication_date":"2022-01-03","ids":{"openalex":"https://openalex.org/W4214947963","doi":"https://doi.org/10.1109/imcom53663.2022.9721750"},"language":"en","primary_location":{"id":"doi:10.1109/imcom53663.2022.9721750","is_oa":false,"landing_page_url":"https://doi.org/10.1109/imcom53663.2022.9721750","pdf_url":null,"source":{"id":"https://openalex.org/S4363608555","display_name":"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5035472036","display_name":"Abdulaziz Aborujilah","orcid":"https://orcid.org/0000-0002-7497-4321"},"institutions":[{"id":"https://openalex.org/I4528857","display_name":"University of Kuala Lumpur","ror":"https://ror.org/026wwrx19","country_code":"MY","type":"education","lineage":["https://openalex.org/I4528857"]}],"countries":["MY"],"is_corresponding":true,"raw_author_name":"Abdulaziz Aborujilah","raw_affiliation_strings":["Universiti Kuala Lumpur Universiti,Malaysian Institute Of Information Technology (MIIT),Kuala Lumpur,Malaysia","Malaysian Institute Of Information Technology (MIIT), Universiti Kuala Lumpur Universiti, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"Universiti Kuala Lumpur Universiti,Malaysian Institute Of Information Technology (MIIT),Kuala Lumpur,Malaysia","institution_ids":["https://openalex.org/I4528857"]},{"raw_affiliation_string":"Malaysian Institute Of Information Technology (MIIT), Universiti Kuala Lumpur Universiti, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I4528857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026280279","display_name":"Jibril Adamu","orcid":null},"institutions":[{"id":"https://openalex.org/I4528857","display_name":"University of Kuala Lumpur","ror":"https://ror.org/026wwrx19","country_code":"MY","type":"education","lineage":["https://openalex.org/I4528857"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Jibril Adamu","raw_affiliation_strings":["Universiti Kuala Lumpur Universiti,Malaysian Institute Of Information Technology (MIIT),Kuala Lumpur,Malaysia","Malaysian Institute Of Information Technology (MIIT), Universiti Kuala Lumpur Universiti, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"Universiti Kuala Lumpur Universiti,Malaysian Institute Of Information Technology (MIIT),Kuala Lumpur,Malaysia","institution_ids":["https://openalex.org/I4528857"]},{"raw_affiliation_string":"Malaysian Institute Of Information Technology (MIIT), Universiti Kuala Lumpur Universiti, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I4528857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055580236","display_name":"Shafiza Mohd Shariff","orcid":"https://orcid.org/0000-0003-0670-8088"},"institutions":[{"id":"https://openalex.org/I4528857","display_name":"University of Kuala Lumpur","ror":"https://ror.org/026wwrx19","country_code":"MY","type":"education","lineage":["https://openalex.org/I4528857"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Shafiza Mohd Shariff","raw_affiliation_strings":["Universiti Kuala Lumpur Universiti,Malaysian Institute Of Information Technology (MIIT),Kuala Lumpur,Malaysia","Malaysian Institute Of Information Technology (MIIT), Universiti Kuala Lumpur Universiti, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"Universiti Kuala Lumpur Universiti,Malaysian Institute Of Information Technology (MIIT),Kuala Lumpur,Malaysia","institution_ids":["https://openalex.org/I4528857"]},{"raw_affiliation_string":"Malaysian Institute Of Information Technology (MIIT), Universiti Kuala Lumpur Universiti, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I4528857"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044153218","display_name":"Zalizah Awang Long","orcid":"https://orcid.org/0000-0002-7861-530X"},"institutions":[{"id":"https://openalex.org/I4528857","display_name":"University of Kuala Lumpur","ror":"https://ror.org/026wwrx19","country_code":"MY","type":"education","lineage":["https://openalex.org/I4528857"]},{"id":"https://openalex.org/I1323252656","display_name":"Information Technology University","ror":"https://ror.org/00ngv8j44","country_code":"PK","type":"education","lineage":["https://openalex.org/I1323252656"]}],"countries":["MY","PK"],"is_corresponding":false,"raw_author_name":"Zalizah Awang Long","raw_affiliation_strings":["University of Kuala Lumpur,Malaysian Institute of Information Technology","Malaysian Institute of Information Technology, University of Kuala Lumpur"],"affiliations":[{"raw_affiliation_string":"University of Kuala Lumpur,Malaysian Institute of Information Technology","institution_ids":["https://openalex.org/I4528857"]},{"raw_affiliation_string":"Malaysian Institute of Information Technology, University of Kuala Lumpur","institution_ids":["https://openalex.org/I4528857","https://openalex.org/I1323252656"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5035472036"],"corresponding_institution_ids":["https://openalex.org/I4528857"],"apc_list":null,"apc_paid":null,"fwci":1.3109,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.82424594,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.8188426494598389},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.8086988925933838},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7347924709320068},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.7085714936256409},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.6958650350570679},{"id":"https://openalex.org/keywords/web-application-development","display_name":"Web application development","score":0.6142051219940186},{"id":"https://openalex.org/keywords/web-modeling","display_name":"Web modeling","score":0.5833025574684143},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.567211925983429},{"id":"https://openalex.org/keywords/web-standards","display_name":"Web standards","score":0.5331539511680603},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5273785591125488},{"id":"https://openalex.org/keywords/web-engineering","display_name":"Web engineering","score":0.46828076243400574},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.4317783713340759},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4047333002090454},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.36379700899124146},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2633591890335083},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2049315869808197},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.1941038966178894}],"concepts":[{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.8188426494598389},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.8086988925933838},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7347924709320068},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.7085714936256409},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.6958650350570679},{"id":"https://openalex.org/C120927855","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application development","level":4,"score":0.6142051219940186},{"id":"https://openalex.org/C130436687","wikidata":"https://www.wikidata.org/wiki/Q7978591","display_name":"Web modeling","level":3,"score":0.5833025574684143},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.567211925983429},{"id":"https://openalex.org/C182321512","wikidata":"https://www.wikidata.org/wiki/Q1153289","display_name":"Web standards","level":3,"score":0.5331539511680603},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5273785591125488},{"id":"https://openalex.org/C97200028","wikidata":"https://www.wikidata.org/wiki/Q1196135","display_name":"Web engineering","level":5,"score":0.46828076243400574},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.4317783713340759},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4047333002090454},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.36379700899124146},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2633591890335083},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2049315869808197},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.1941038966178894},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/imcom53663.2022.9721750","is_oa":false,"landing_page_url":"https://doi.org/10.1109/imcom53663.2022.9721750","pdf_url":null,"source":{"id":"https://openalex.org/S4363608555","display_name":"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 16th International Conference on Ubiquitous Information Management and Communication (IMCOM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.4399999976158142,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320321147","display_name":"Ministry of Higher Education","ror":"https://ror.org/0512bh102"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W1887456453","https://openalex.org/W1975149427","https://openalex.org/W2128488388","https://openalex.org/W2156010380","https://openalex.org/W2290500536","https://openalex.org/W2330967414","https://openalex.org/W2409190491","https://openalex.org/W2504171621","https://openalex.org/W2587249013","https://openalex.org/W2601951466","https://openalex.org/W2625856932","https://openalex.org/W2782994466","https://openalex.org/W2801896034","https://openalex.org/W2895671788","https://openalex.org/W2899106578","https://openalex.org/W2909755058","https://openalex.org/W2914174375","https://openalex.org/W2922831942","https://openalex.org/W2941525821","https://openalex.org/W2945886083","https://openalex.org/W2952848714","https://openalex.org/W2963955016","https://openalex.org/W3091871466","https://openalex.org/W3093595239","https://openalex.org/W3103242695","https://openalex.org/W6679299833","https://openalex.org/W6714211847","https://openalex.org/W6735604786","https://openalex.org/W6736631235","https://openalex.org/W6739228276","https://openalex.org/W6747381590","https://openalex.org/W6751446249","https://openalex.org/W6765187293","https://openalex.org/W6989471093"],"related_works":["https://openalex.org/W2083496135","https://openalex.org/W980488187","https://openalex.org/W2133426335","https://openalex.org/W2262068244","https://openalex.org/W3036473565","https://openalex.org/W3147180876","https://openalex.org/W2765547800","https://openalex.org/W2155498242","https://openalex.org/W4214947963","https://openalex.org/W2913452075"],"abstract_inverted_index":{"Many":[0],"challenges":[1],"are":[2,22,38,135],"facing":[3],"modern":[4,66,81,109],"web":[5,14,20,46,67,82,91,110,114,138],"applications,":[6],"and":[7,24,35,57,99,101,112,125],"security":[8,43,62,118],"is":[9],"a":[10],"major":[11],"concern":[12],"for":[13],"applications":[15,21,68,111],"developers":[16,124],"especially":[17],"when":[18],"today's":[19],"interactive":[23],"support":[25],"user":[26],"collaboration.":[27],"SQL":[28],"injections,":[29],"cross-site":[30,32],"scripting,":[31],"request":[33],"forgery,":[34],"broken":[36],"authentication":[37],"examples":[39],"of":[40,90],"these":[41],"common":[42,105],"vulnerabilities.":[44,72],"Several":[45],"development":[47,115],"frameworks":[48,116],"(e.g.,":[49],"Laravel,":[50],"Spring":[51],"Boot,":[52],"Django,":[53],"Ruby":[54],"on":[55,97],"Rails,":[56],"ASP.NET":[58],"Core)":[59],"provide":[60],"out-of-the-box":[61],"features":[63],"to":[64,79],"protect":[65],"against":[69],"the":[70,88,103,113,129],"above-mentioned":[71],"Developers":[73],"usually":[74],"use":[75],"manual":[76,85],"protection":[77,86,132],"mechanisms":[78],"secure":[80],"applications.":[83],"Although,":[84],"increases":[87],"probability":[89],"application":[92,139],"attacks.":[93],"This":[94,120],"study":[95,121],"focuses":[96],"reviewing":[98],"comparing":[100],"analyzing":[102],"most":[104,130],"vulnerabilities":[106],"found":[107],"in":[108,127],"built-in":[117],"features.":[119],"aid":[122],"software":[123],"organizations":[126],"selecting":[128],"effective":[131],"methods":[133],"which":[134],"provided":[136],"by":[137],"frameworks.":[140]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}