Click to open the HelpDesk interface
AECE - Front page banner

Menu:


FACTS & FIGURES

JCR Impact Factor: 0.700
JCR 5-Year IF: 0.700
SCOPUS CiteScore: 1.8
Issues per year: 4
Current issue: Nov 2024
Next issue: Feb 2025
Avg review time: 55 days
Avg accept to publ: 60 days
APC: 300 EUR


PUBLISHER

Stefan cel Mare
University of Suceava
Faculty of Electrical Engineering and
Computer Science
13, Universitatii Street
Suceava - 720229
ROMANIA

Print ISSN: 1582-7445
Online ISSN: 1844-7600
WorldCat: 643243560
doi: 10.4316/AECE


TRAFFIC STATS

3,063,336 unique visits
1,190,131 downloads
Since November 1, 2009



Robots online now
AhrefsBot
bingbot


SCOPUS CiteScore

SCOPUS CiteScore


SJR SCImago RANK

SCImago Journal & Country Rank




TEXT LINKS

Anycast DNS Hosting
MOST RECENT ISSUES

 Volume 24 (2024)
 
     »   Issue 4 / 2024
 
     »   Issue 3 / 2024
 
     »   Issue 2 / 2024
 
     »   Issue 1 / 2024
 
 
 Volume 23 (2023)
 
     »   Issue 4 / 2023
 
     »   Issue 3 / 2023
 
     »   Issue 2 / 2023
 
     »   Issue 1 / 2023
 
 
 Volume 22 (2022)
 
     »   Issue 4 / 2022
 
     »   Issue 3 / 2022
 
     »   Issue 2 / 2022
 
     »   Issue 1 / 2022
 
 
 Volume 21 (2021)
 
     »   Issue 4 / 2021
 
     »   Issue 3 / 2021
 
     »   Issue 2 / 2021
 
     »   Issue 1 / 2021
 
 
  View all issues  








LATEST NEWS

2024-Jun-20
Clarivate Analytics published the InCites Journal Citations Report for 2023. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.700 (0.700 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.600.

2023-Jun-28
Clarivate Analytics published the InCites Journal Citations Report for 2022. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.800 (0.700 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 1.000.

2023-Jun-05
SCOPUS published the CiteScore for 2022, computed by using an improved methodology, counting the citations received in 2019-2022 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering for 2022 is 2.0. For "General Computer Science" we rank #134/233 and for "Electrical and Electronic Engineering" we rank #478/738.

2022-Jun-28
Clarivate Analytics published the InCites Journal Citations Report for 2021. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.825 (0.722 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.752.

2022-Jun-16
SCOPUS published the CiteScore for 2021, computed by using an improved methodology, counting the citations received in 2018-2021 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering for 2021 is 2.5, the same as for 2020 but better than all our previous results.

Read More »


    
 

  3/2016 - 2

An Enhanced Rule-Based Web Scanner Based on Similarity Score

LEE, M. See more information about LEE, M. on SCOPUS See more information about LEE, M. on IEEExplore See more information about LEE, M. on Web of Science, LEE, Y. See more information about  LEE, Y. on SCOPUS See more information about  LEE, Y. on SCOPUS See more information about LEE, Y. on Web of Science, YOON, H. See more information about YOON, H. on SCOPUS See more information about YOON, H. on SCOPUS See more information about YOON, H. on Web of Science
 
Extra paper information in View the paper record and citations in Google Scholar View the paper record and similar papers in Microsoft Bing View the paper record and similar papers in Semantic Scholar the AI-powered research tool
Click to see author's profile in See more information about the author on SCOPUS SCOPUS, See more information about the author on IEEE Xplore IEEE Xplore, See more information about the author on Web of Science Web of Science

Download PDF pdficon (1,261 KB) | Citation | Downloads: 1,294 | Views: 3,572

Author keywords
intrusion detection, access control, information security, web services, security

References keywords
security(10), network(8), vulnerability(7), testing(4), systems(4), software(4), services(4), server(4), information(4), detection(4)
No common words between the references section and the paper title.

About this article
Date of Publication: 2016-08-31
Volume 16, Issue 3, Year 2016, On page(s): 9 - 14
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2016.03002
Web of Science Accession Number: 000384750000002
SCOPUS ID: 84991070805

Abstract
Quick view
Full text preview
This paper proposes an enhanced rule-based web scanner in order to get better accuracy in detecting web vulnerabilities than the existing tools, which have relatively high false alarm rate when the web pages are installed in unconventional directory paths. Using the proposed matching method based on similarity score, the proposed scheme can determine whether two pages have the same vulnerabilities or not. With this method, the proposed scheme is able to figure out the target web pages are vulnerable by comparing them to the web pages that are known to have vulnerabilities. We show the proposed scanner reduces 12% false alarm rate compared to the existing well-known scanner through the performance evaluation via various experiments. The proposed scheme is especially helpful in detecting vulnerabilities of the web applications which come from well-known open-source web applications after small customization, which happens frequently in many small-sized companies.


References | Cited By  «-- Click to see who has cited this paper

[1] A. Mockus, R. T. Fielding, and J. Herbsleb, "A Case Study of Open Source Software Development: the Apache Server," Proc. ACM International Conference on Software Engineering, pp. 263-272, 2000.
[CrossRef]


[2] Y. C. Ong, and Z. Ismail. "Recent Advances in Information and Communication Technology", pp. 315-324, Springer International Publishing, 2014.

[3] S. Suganya, D. Rajthilak, and G. Gomathi, "Multi-Tier Web Security on Web Applications from Sql Attacks," IOSR Journal of Computer Engineering, vol. 16, no. 2, pp. 1-4, 2014.
[CrossRef]


[4] A. Doupe, M. Cova, and G. Vigna, "Detection of Intrusions and Malware, and Vulnerability Assessment", pp. 111-131, Springer Berlin Heidelberg, 2010.

[5] M. Vieira, N. Antunes, and H. Madeira, "Using Web Security Scanners to Detect Vulnerabilities in Web Services," Proc. IEEE/IFIP International Conference on Dependable Systems & Networks, pp. 566-571, 2009.
[CrossRef] [Web of Science Times Cited 60] [SCOPUS Times Cited 112]


[6] K. Ma, R. Sun, and A. Abraham, "Toward a Lightweight Framework for Monitoring Public Clouds," Proc. Fourth IEEE International Conferences on Computational Aspects of Social Networks. pp. 361-365, 2012.
[CrossRef] [SCOPUS Times Cited 22]


[7] P. Davies, and T. Tryfonas, "A Lightweight Web-based Vulnerability Scanner for Small-scale Computer Network Security Assessment," Journal of Network and Computer Applications, vol. 32, no. 1, pp. 78-95, 2009.
[CrossRef] [Web of Science Times Cited 12] [SCOPUS Times Cited 10]


[8] G. F. Lyon, "Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning", pp. 1-20, Insecure Press, 2009.

[9] S. Jajodia, S. Noel, and B. O'Berry, "Managing Cyber Threats", pp. 247-266, Springer US, 2005.

[10] R. J. Barnett, and B. Irwin, "Towards a Taxonomy of Network Scanning Techniques," Proc. the 2008 ACM annual research conference of the South African Institute of Computer Scientists and Information Technologists on IT research in developing countries: riding the wave of technology, pp. 1-7, 2008.
[CrossRef] [SCOPUS Times Cited 22]


[11] T. Yu, A. Sung, S. Witawas, and G. Rothermel, "An approach to testing commercial embedded systems," Journal of Systems and Software, vo. 88, no. 2, pp. 207-230, 2014.
[CrossRef] [Web of Science Times Cited 6] [SCOPUS Times Cited 9]


[12] A. A. Alfanookh, "An Automated Universal Server Level Solution for SQL Injection Security Flaw," Proc. International Conference on Electrical, Electronic and Computer Engineering, pp. 131-135, 2004.
[CrossRef] [Web of Science Times Cited 2]


[13] J. Chang, K. Venkatasubramanian, A. West, and I. Lee, "Analyzing and Defending against Web-based Malware," ACM Computing Surveys, vol. 45, no. 4, article no. 49, 2013.
[CrossRef] [Web of Science Times Cited 27] [SCOPUS Times Cited 37]


[14] N. Khocharre, S. Chalurkar, and B. Meshram, "Web Application Vulnerabilities Detection Techniques Survey," International Journal of Computer Science & Network Security, vol. 13, no. 6, pp. 71-75, 2013.
[CrossRef]


[15] M. Vieira, N. Antunes, and H. Madeira, "Using Web Security Scanners to Detect Vulnerabilities in Web Services," Proc. IEEE/IFIP Conference on Dependable Systems and Networks, pp. 566-571, Jun. 2009.
[CrossRef] [Web of Science Times Cited 60] [SCOPUS Times Cited 112]


[16] J. Bau, E. Bursztein, D. Gupta, and J. Mitchell, "State of the Art: Automated Black-Box Web Application Vulnerability Testing," Proc. IEEE Symposium on Security and Privacy, pp.332-345, 2010.
[CrossRef] [Web of Science Times Cited 138] [SCOPUS Times Cited 229]


[17] N. Antunes, and M. Vieira, "Benchmarking Vulnerability Detection Tools for Web Services," Proc. IEEE International Conference on Web Services, pp. 203-210, 2010.
[CrossRef] [SCOPUS Times Cited 64]


[18] Z. Duric, "WAPTT-Web Application Penetration Testing Tool," Advances in Electrical and Computer Engineering, vol. 14, no. 1, pp. 93-102, 2014.
[CrossRef] [Full Text] [Web of Science Times Cited 3] [SCOPUS Times Cited 9]


[19] Y. Yun, S. Park, Y. Kim, and J. Ryou, "Information Security Practice and Experience", pp 248-259, Springer Berlin Heidelberg, 2006.

[20] S. Kals, C. Kruegel, and N. Jovanovic, "SecuBat: A Web Vulnerability Scanner", Proc. the 15th International Conference on World Wide Web, pp. 247-256, 2006.
[CrossRef] [SCOPUS Times Cited 173]


[21] A. Austin, and L. Williams, "One Technique is not Enough: A Comparison of Vulnerability Discovery Techniques," Proc. IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), pp. 97-106, 2011.
[CrossRef] [Web of Science Times Cited 72] [SCOPUS Times Cited 99]


[22] V. D. Kotov, and V. I. Vasilyev, "Detection of Web Server Attacks using Principles of Immunocomputing," Proc. 2nd World Congress on Nature and Biologically Inspired Computing, pp. 25- 30, 2010.
[CrossRef] [SCOPUS Times Cited 1]


[23] J. Bau, E. Bursztein, D. Gupta, and J. Mitchell, "State of the art: Automated Black-box Web Application Vulnerability Testing," Proc. IEEE Symposium on Security and Privacy (SP), pp. 332-345, 2010.
[CrossRef] [Web of Science Times Cited 138] [SCOPUS Times Cited 229]


[24] S. Stefanov, "Building Online Communities with phpBB", pp. 5-15, Packt Publishing, 2005.

[25] M. Choi, H. Ju, H. Cha, S. Kim, and J. Hong, "An Efficient Embedded Web Server for Web-based Network Element Management," Proc. IEEE/IFIP Network Operations and Management Symposium, pp. 187-200, 2000.
[CrossRef]


[26] J. Hong, M. Chung, and H. Choo, "Novel Bulletin Board System based on Document Object Model and Client-side Scripting for Improved Interaction," Proc. IEEE International Conferences on Information Networking (ICOIN), pp. 511-516, 2013.
[CrossRef]


[27] A. Blomquist, and M. Arvola, "Personas in Action: Ethnography in an Interaction Design Team," Proc. 2nd ACM Nordic conference on Human-computer interaction, pp. 197-200, 2002.
[CrossRef]




References Weight

Web of Science® Citations for all references: 518 TCR
SCOPUS® Citations for all references: 1,128 TCR

Web of Science® Average Citations per reference: 19 ACR
SCOPUS® Average Citations per reference: 40 ACR

TCR = Total Citations for References / ACR = Average Citations per Reference

We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more

Citations for references updated on 2024-12-13 19:36 in 144 seconds.




Note1: Web of Science® is a registered trademark of Clarivate Analytics.
Note2: SCOPUS® is a registered trademark of Elsevier B.V.
Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site.

Copyright ©2001-2024
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania


All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.

Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.

Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.




Website loading speed and performance optimization powered by: 


DNS Made Easy