2. Introduction
Web application security is the process of protecting websites
and online services against different security threats that
exploit vulnerabilities in an application's code.
A huge amount of data is transmitted globally on a daily
basis.
In the age of information technology, secure data plays various
roles in growing every business; if data is not secure, the business
will lose its industrial value.
Web application information security has become very
much of a concern for the safety of data and information.
3. Literature Review
A. Dr. Ashish Adholiya
“A Study on Cyber Security Practices and Tips Awareness
among E-Banking Services Users”
Paper A: Based on the statistical outputs, it is obvious that public and
private sector bank customers of Udaipur district are well
exposed to cyber threats and security issues and challenges, and
their level of awareness of common cyber-attack
threats in electronic banking is good for attacks through mass
media, ATM malware intrusion, traditional card frauds, PC- and
mobile-oriented banking attacks, theft of biometric data,
ransomware, social engineering, and phishing.
B.
Distribution of exploits used by cybercriminals, by type of
attacked application, Q2 2019 (Kaspersky Lab)
[Chart; application types shown: Android, Browser, Java, Office.]
4. Encryption Techniques for Web Applications
Triple DES: In cryptography, Triple DES, officially the Triple Data Encryption Algorithm, is a
symmetric-key block cipher which applies the DES cipher algorithm three times to each data
block.
RSA: RSA is a public-key encryption algorithm and it is also the standard for encrypting
data that is sent over the internet.
AES: The Advanced Encryption Standard is efficient in its 128-bit form and also uses keys of
192 and 256 bits for encryption.
SSL: Secure Sockets Layer is a cryptographic protocol designed to provide communications
security over a computer network.
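The items on this slide meet in one TLS configuration (TLS is the successor to SSL): the minimum protocol version, the cipher used for bulk encryption, and whether Triple DES is still offered. The Python below is an added example, not part of the original slides; the sample suite list and the function names are constructed for illustration, and it assumes Python's ssl module is built against OpenSSL.

```python
import ssl

# OpenSSL names Triple DES suites "DES-CBC3-..."; IANA names use "3DES".
# RC4, NULL and EXP (export-grade) are further legacy markers, included as
# an assumption about what an audit should flag; the slide does not list them.
WEAK_MARKERS = ("DES-CBC3", "3DES", "RC4", "NULL", "EXP")

# Constructed sample: cipher suites a legacy server configuration might list.
SAMPLE_SERVER_SUITES = [
    "DES-CBC3-SHA",                  # Triple DES
    "ECDHE-RSA-AES256-GCM-SHA384",   # RSA authentication, AES-256 bulk cipher
    "RC4-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",   # RSA authentication, AES-128 bulk cipher
]


def audit_ciphers(names):
    """Return the cipher-suite names that rely on a legacy algorithm."""
    return [n for n in names if any(m in n.upper() for m in WEAK_MARKERS)]


def hardened_context():
    """Client context: TLS 1.2 or newer, AES-GCM suites, certificates verified."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuses SSLv3 and TLS 1.0/1.1
    # Restricts the TLS 1.2 suites; TLS 1.3 suites are managed separately by
    # OpenSSL and are all AEAD ciphers.
    ctx.set_ciphers("ECDHE+AESGCM:!3DES:!RC4:!aNULL:!eNULL")
    return ctx


def enabled_cipher_names(ctx):
    """Names of the cipher suites the context will actually offer."""
    return [c["name"] for c in ctx.get_ciphers()]


if __name__ == "__main__":
    print("weak in sample:", audit_ciphers(SAMPLE_SERVER_SUITES))
    ctx = hardened_context()
    print("weak in hardened context:", audit_ciphers(enabled_cipher_names(ctx)))
```

The same `audit_ciphers` check can be run over the suite list exported from a web server's configuration before and after hardening.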
5. Poor Security Related to Web Server hardware
Poor Configuration.
Low Security Budget.
Data lost in portable network.
Control of all hardware and software connected to your network.
Poor Alert System.
6. Cyber Security Focus
Keeping the Bad Guys out
Protecting your Internal Network
Recovering from an Attack
9. Security Measures
Use Secure Sockets Layer.
Strong Firewall.
Use Cross Key Checking and Encryptions.
IT security auditing.
Update programs regularly.
Backup regularly.
Educate Society.
10. Conclusion
Web application security is one of the major concerns in an organization
because it helps to protect its confidentiality and prevent
unauthorized access.
Using different encryption techniques, methods of web app
development, powerful hardware components, and ISO protects
our application and provides robustness.
As more devices become internet-enabled and accessible and the security measures in place continue to lag behind, the associated risks are on the rise. Aside from the obvious risks for attacks on consumer IoT devices, there is a growing threat against industrial and municipal IoT as well. As leading manufacturers and grid power producers transition to Industry 4.0, sufficient safeguards are lacking. Not only do these IoT devices run the risk of being used to attack others, but their vulnerabilities leave them open to being used against the industrial organizations operating critical infrastructure themselves. This can lead to theft of intellectual property, collecting competitive intelligence, and even the disruption or destruction of critical infrastructure. Not only is the potential scale of these attacks larger, most of these industrial firms do not have the skills in place to deal with web attacks in real-time, which can cause long-lasting, damaging results. This alone will become one of the greatest threats that countries and corporations need to brace themselves for in 2017 and beyond.
There are plenty of "As-A-Service" attack capabilities on the Dark Web for hire now and we should expect creative new IoT hack services to pop up in the near future.
As organizations adopt more effective strategies to defeat malware, attackers will shift their approach and start to use legitimate credentials and software - think physical insiders, credential theft, man-in-the-app. The increased targeting of social media and personal email bypasses many network defenses, like email scans and URL filters. The most dangerous aspect is how attackers manipulate victims with offers or threats that they would not want to present to an employer, like employment offers or illicit content. Defenders will begin to appreciate that inconsistent user behaviors are the most effective way to differentiate malware and insider threats from safe and acceptable content.