Please use this identifier to cite or link to this item: https://hdl.handle.net/11147/4249
Full metadata record
DC FieldValueLanguage
dc.contributor.advisorTuğlular, Tuğkan-
dc.contributor.authorUfuktepe, Ekincan-
dc.date.accessioned2014-12-05T14:32:42Z-
dc.date.available2014-12-05T14:32:42Z-
dc.date.issued2014-07-
dc.identifier.urihttp://hdl.handle.net/11147/4249-
dc.descriptionThesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2014en_US
dc.descriptionIncludes bibliographical references (leaves: 52-54)en_US
dc.descriptionText in English; Abstract: Turkish and Englishen_US
dc.descriptionFull text release delayed at author's request until 2017.08.28en_US
dc.description.abstractWeb applications have become an integral part of our daily lives. People mostly provide their important needs, such as people keep their private data, do their banking transactions, shopping etc. through web applications. Therefore, web applications have been an attractive target to malicious individuals and organizations. The usage of JavaScript language by web application developers is increasing very fast, especially after JavaScript started to service back-end developers as well. Therefore, JavaScript has incorporated both front-end and back-end developers. Concurrently, due to flexibility and its most popular library called jQuery, JavaScript has become an attractive to web application developers. OWASP updates the top 25 security vulnerabilities regularly. According the results, SQL Injection (CWE-89) and Operating System Command Injection (CWE-78) has taken the 1st place and Cross-Site Scripting (XSS) (CWE-79) has taken the 3rd place. The results shows that three input validation based vulnerabilities appear in the top three; therefore, it can be said that input validation vulnerabilities have become critical vulnerabilities of web applications. However, developers still fail to validate the inputs or use libraries to protect their web applications against input validation vulnerabilities. In this thesis, JavaScript application’s functions are analyzed to determine if their parameters are validated or not. Then, according to the invalidated inputs, a Bayesian Network to measure its readiness to input validation vulnerabilities is generated.en_US
dc.language.isoenen_US
dc.publisherIzmir Institute of Technologyen_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.subjectBayesian Networksen_US
dc.subjectInput validation vulnerabilitiesen_US
dc.subjectMeasurement of readinessen_US
dc.subject.lcshJavaScript (Computer program language)en_US
dc.titleMeasurement of JavaScript applications' readiness to untrusted data using Bayesian Networksen_US
dc.title.alternativeJavaScrit uygulamalarında güvenilir olmayan verilere karşı hazırlığının Bayesian Ağları ile ölçülmesien_US
dc.typeMaster Thesisen_US
dc.authorid0000-0002-0156-4321en_US
dc.institutionauthorUfuktepe, Ekincan-
dc.departmentThesis (Master)--İzmir Institute of Technology, Computer Engineeringen_US
dc.relation.publicationcategoryTezen_US
item.fulltextWith Fulltext-
item.grantfulltextopen-
item.languageiso639-1en-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.cerifentitytypePublications-
item.openairetypeMaster Thesis-
crisitem.author.dept03.04. Department of Computer Engineering-
Appears in Collections:Master Degree / Yüksek Lisans Tezleri
Files in This Item:
File Description SizeFormat 
10029074.pdfMasterThesis2.36 MBAdobe PDFThumbnail
View/Open
Show simple item record



CORE Recommender

Page view(s)

274
checked on Nov 18, 2024

Download(s)

108
checked on Nov 18, 2024

Google ScholarTM

Check





Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.