Article

A Penetration Testing Method for E-Commerce Authentication System Security

Authors:

Wei Pan,

Weihua LiAuthors Info & Claims

ICMECG '09: Proceedings of the 2009 International Conference on Management of e-Commerce and e-Government

Pages 449 - 453

https://doi.org/10.1109/ICMeCG.2009.111

Published: 16 September 2009 Publication History

Publisher Site

Abstract

E-Commerce systems are suffering more and more security issues. Vulnerabilities of authentication systems are revealed when various attacks and malicious abuses are developed and deployed to violate security of system and information. To improve the ability to defend authentication system against invasion and abuse, a novel penetration testing method for E-Commerce authentication system is proposed to scrutinize the vulnerabilities of e-Commerce authentication system and evaluate severity level of potential vulnerabilities. The penetration testing method is an active vulnerability analysis and verification method that can mimic active attacks and perform exploitations by constructing effective and concise penetration testing cases. Through analyzing dynamic taint propagation, the presented method can determine feasibility of the attacks and evaluate security of authentication system. The experiment demonstrates the proposed method can serve as a viable and effective candidate for security detection of authentication system.

A Penetration Testing Method for E-Commerce Authentication System Security
1. Security and privacy
  1. Security services
2. Social and professional topics
  1. Computing / technology policy

Recommendations

Penetration Testing on Virtual Environments
ICINS '16: Proceedings of the 4th International Conference on Information and Network Security

Since the beginning, computer systems have faced the challenge of protecting the information with which they work, and with the technological development, computational security techniques have become more complex to face the potentials attacks. ...
A Method for Automatic Penetration Testing and Mitigation: A Red Hat Approach
Abstract
Recently in the cybersecurity landscape, various figures have spread with different peculiarities. For instance there are the Black Hat hackers, aimed to perpetrate damage on the system or to silently exfiltrate sensitive information but there ...
Threat led advanced persistent threat penetration test

Cyber security attacks have been on the rise in recent years. One of the most destructive attacks are known as advanced persistent threat (APT) attacks which can inflict massive damages to a network. A common approach of testing the security of an IT ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ICMECG '09: Proceedings of the 2009 International Conference on Management of e-Commerce and e-Government

September 2009

547 pages

ISBN:9780769537788

Publisher

IEEE Computer Society

United States

Publication History

Published: 16 September 2009

Author Tags

Qualifiers

Article

Recommendations

Penetration Testing on Virtual Environments

A Method for Automatic Penetration Testing and Mitigation: A Red Hat Approach

Threat led advanced persistent threat penetration test

Comments

Published In

Publisher

Publication History

Author Tags

Qualifiers

Other Metrics

Article Metrics

Other Metrics

Abstract

Recommendations

Penetration Testing on Virtual Environments

A Method for Automatic Penetration Testing and Mitigation: A Red Hat Approach

Threat led advanced persistent threat penetration test

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations