Today almost no business can survive without the utilisation of the Internet as a mean to provide services or products to customers or other businesses. Web applications have become robust and easy to use; therefore the largest population now is more intrigued to use the Web as a mean of purchasing, banking or even communicating with other people. Therefore, such applications have become a good target to hackers who would try to exploit every vulnerable point that may become available to them. Due to the continuously increasing need for more robust and faster Web applications, technologies need to change and adapt, causing new security flows, therefore requiring taking continuous measures to discover and fix security holes. By exposing the weaknesses of such Web applications and discovering how attacks are made should provide the basis to secure a Web application.

Familiarisation with Web application principles, protocols and implementation, and also with basic security principles. The students should have attended either Enterprise Systems Development (COMM030) or Agile Web Development (COMM013). Modules related to security such as Computer Security (COMM024) or Network Security (COMM026) is also desirable but not essential.

The aim of this module is to make the students aware of the need and importance of security in Web applications and to investigate ways of thinking and solving such security problems. The students will explore in practice the vulnerable points of weak Web applications and the different attacking methods that hackers perform then and learn how to prevent such attacks.

By the end of the module the students should be able to:

1. understand the vulnerability of web applications and the need for securing them
2. categorise the different attack methods and learn how each can affect the application’s security
3. examine and secure a web application to prevent it from attacks
4. put theory in practice through the usage of comprehensive tools in order to discover vulnerable points in a web application and then securing the application to prevent attacks.

Introduction Web Applications security

• What is Web hacking and why is it important
• Tools and automation

Attacking methods and countermeasures

• Web Platforms: detecting evasion techniques and countermeasures for popular web platforms
• Web Authentication: password based, multifactor (e.g. SecureID, Passmark, etc), and online authentication services (e.g. Microsoft Passport)
• Web Authorisation: session analysis, hijacking, and fixation techniques

• Input Validation: cross-site scripting, HTTP response splitting, buffer overflows, dot-dot-slash, metacharacters, encoding techniques
• Web Datastores: SQL injection (e.g. blind method or platform specific)
• XML Web Services: SOAP vulnerability, WSDL disclosure, input injection, external entity injection, XPath injection
• Web Application Management: vulnerabilities in remote server management, web content management/authoring, admin misconfigurations, and developer-driven mistakes
• Web Clients: IE and Firefox exploits
• Denial of Service (DoS): click fraud, infrastructure DoS, application layer Distributed DoS (DDoS)
• Humans: phishing

Web 2.0 Vulnerability:

• HTML and JavaScript Injection
• Thick Clients: Cookies; Flash; Ajax

Testing and securing the Web application

• Testing tools; Scanners
• Prevention

The module will consist of approximately 25 hours of lectures and 5 hours of lab sessions.

• Scambray, J., Shema, M. and Sima, C., Hacking Exposed Web Applications, Second Edition: Web Application Security Secrets and Solutions, McGraw-Hill Osborne; 2 edition, 2006, ISBN: 0072262990
• Stuttard, D. and Pinto, M., The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws, John Wiley & Sons, 2007, ISBN: 0470170778