{"id":"https://openalex.org/W2971802583","doi":"https://doi.org/10.1145/3341325.3342032","title":"Analysis of Automated Web Application Security Vulnerabilities Testing","display_name":"Analysis of Automated Web Application Security Vulnerabilities Testing","publication_year":2019,"publication_date":"2019-07-01","ids":{"openalex":"https://openalex.org/W2971802583","doi":"https://doi.org/10.1145/3341325.3342032","mag":"2971802583"},"language":"en","primary_location":{"id":"doi:10.1145/3341325.3342032","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3341325.3342032","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 3rd International Conference on Future Networks and Distributed Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071092288","display_name":"Pariwish Touseef","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":true,"raw_author_name":"Pariwish Touseef","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050278554","display_name":"Khubaib Amjad Alam","orcid":"https://orcid.org/0000-0002-9476-2940"},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Khubaib Amjad Alam","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059900651","display_name":"Abid Jamil","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Abid Jamil","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069862191","display_name":"Hamza Tauseef","orcid":null},"institutions":[{"id":"https://openalex.org/I4210147796","display_name":"University of Faisalabad","ror":"https://ror.org/04eps4h65","country_code":"PK","type":"education","lineage":["https://openalex.org/I4210147796"]},{"id":"https://openalex.org/I192392021","display_name":"University of Central Punjab","ror":"https://ror.org/04g0mqe67","country_code":"PK","type":"education","lineage":["https://openalex.org/I192392021"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Hamza Tauseef","raw_affiliation_strings":["University of Central Punjab, Faisalabad Pakistan"],"affiliations":[{"raw_affiliation_string":"University of Central Punjab, Faisalabad Pakistan","institution_ids":["https://openalex.org/I4210147796","https://openalex.org/I192392021"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003349487","display_name":"Sahar Ajmal","orcid":"https://orcid.org/0000-0002-2096-2325"},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Sahar Ajmal","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088840724","display_name":"Rimsha Asif","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Rimsha Asif","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047582014","display_name":"Bisma Rehman","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Bisma Rehman","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044676412","display_name":"Sumaira Mustafa","orcid":null},"institutions":[{"id":"https://openalex.org/I201384688","display_name":"National University of Computer and Emerging Sciences","ror":"https://ror.org/003eyb898","country_code":"PK","type":"education","lineage":["https://openalex.org/I201384688"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Sumaira Mustafa","raw_affiliation_strings":["National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan"],"affiliations":[{"raw_affiliation_string":"National University of Computer and Emerging Science, Faisalabad-Chiniot Pakistan","institution_ids":["https://openalex.org/I201384688"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5071092288"],"corresponding_institution_ids":["https://openalex.org/I201384688"],"apc_list":null,"apc_paid":null,"fwci":3.7306,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.94152118,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.9242458343505859},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.8157250881195068},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.7867918014526367},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7689555883407593},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6754937171936035},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.6159549355506897},{"id":"https://openalex.org/keywords/scope","display_name":"Scope (computer science)","score":0.5367554426193237},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.49031928181648254},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.45168715715408325},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.4455205798149109},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.39947667717933655},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.28406140208244324},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2610777020454407},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.2484426498413086},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.23715072870254517},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.2086237072944641},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.20071402192115784},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.1910315454006195},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.08053824305534363}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.9242458343505859},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.8157250881195068},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.7867918014526367},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7689555883407593},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6754937171936035},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.6159549355506897},{"id":"https://openalex.org/C2778012447","wikidata":"https://www.wikidata.org/wiki/Q1034415","display_name":"Scope (computer science)","level":2,"score":0.5367554426193237},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.49031928181648254},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.45168715715408325},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.4455205798149109},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.39947667717933655},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.28406140208244324},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2610777020454407},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.2484426498413086},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.23715072870254517},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.2086237072944641},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.20071402192115784},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.1910315454006195},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.08053824305534363},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3341325.3342032","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3341325.3342032","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 3rd International Conference on Future Networks and Distributed Systems","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6200000047683716}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W4214443","https://openalex.org/W70390820","https://openalex.org/W659618760","https://openalex.org/W1489243061","https://openalex.org/W1593362647","https://openalex.org/W1978584859","https://openalex.org/W1979605461","https://openalex.org/W2017747296","https://openalex.org/W2028476081","https://openalex.org/W2029511378","https://openalex.org/W2044585878","https://openalex.org/W2049123707","https://openalex.org/W2050396717","https://openalex.org/W2080803678","https://openalex.org/W2082818071","https://openalex.org/W2085708896","https://openalex.org/W2100883222","https://openalex.org/W2121321274","https://openalex.org/W2167752994","https://openalex.org/W2185917985","https://openalex.org/W2312996662","https://openalex.org/W2488663997","https://openalex.org/W2789823311","https://openalex.org/W2791903985","https://openalex.org/W2801119850","https://openalex.org/W2806693926","https://openalex.org/W2888931477","https://openalex.org/W2896410471","https://openalex.org/W2923865514","https://openalex.org/W2936512185","https://openalex.org/W2944600692","https://openalex.org/W3184938572"],"related_works":["https://openalex.org/W2167752994","https://openalex.org/W2955734438","https://openalex.org/W2775081089","https://openalex.org/W2504194819","https://openalex.org/W2407701912","https://openalex.org/W1982746004","https://openalex.org/W4256450364","https://openalex.org/W4245700610","https://openalex.org/W4316037345","https://openalex.org/W2070218579"],"abstract_inverted_index":{"In":[0],"recent":[1],"years,":[2],"the":[3,72,120,126],"global":[4],"spread":[5],"of":[6,36,40,76,95,108],"web":[7,30,77,102],"risks":[8,75],"have":[9,86],"proposed":[10],"an":[11,25,37],"immediate":[12],"demand":[13],"for":[14,123],"security":[15,33,121],"models":[16],"and":[17,67,82,106],"prevention":[18],"mechanisms.":[19],"This":[20,112],"study":[21,97],"preliminary":[22],"findings":[23],"analyze":[24],"extensive":[26],"literature":[27],"review":[28],"on":[29],"application":[31,103],"vulnerabilities":[32,104],"testing.":[34],"Out":[35],"initial":[38],"set":[39],"237":[41],"studies,":[42],"30":[43],"studies":[44],"were":[45],"finally":[46],"included":[47],"as":[48],"Primary":[49],"Research":[50],"Studies":[51],"(PRS)":[52],"by":[53,65,90],"assuring":[54],"two":[55],"research":[56,91],"questions.":[57],"The":[58,93],"results":[59],"reveals":[60],"that":[61],"SQL":[62],"injection":[63],"followed":[64],"XSS":[66],"Sensitive":[68],"data":[69,110],"exposure":[70],"are":[71],"most":[73],"recurring":[74],"applications.":[78],"Similarly,":[79],"Invalidated":[80],"Redirects":[81],"Forwards/Under":[83],"Protected":[84],"APIs":[85],"received":[87],"little":[88],"attention":[89],"community.":[92],"scope":[94],"this":[96],"is":[98],"also":[99,114],"extended":[100],"to":[101,118],"testing":[105],"identification":[107],"relevant":[109],"sets.":[111],"paper":[113],"recommends":[115],"future":[116],"possibilities":[117],"enhance":[119],"approaches":[122],"protection":[124],"against":[125],"risks.":[127]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}