Strengthening web application security through technical measures.

Thumbnail Image
Daka, Mike
Journal Title
Journal ISSN
Volume Title
The University of Zambia.
This research aimed to investigate web application vulnerabilities and develop effective countermeasures against various malware attacks. The research objectives were to identify and assess prevalent web application malware, evaluate current malware detection approaches, and develop secure web applications with a clear understanding of vulnerabilities and associated countermeasures. A detailed methodology was employed, including a mixed-mode approach combining theoretical analysis and practical application.The research findings highlighted the common types of web application attacks, including SQL injection, directory traversal, and packet sniffing, and underscored the significance of technical measures such as firewalls, intrusion detection systems, and secure coding practices in enhancing web application security. The investigation revealed key vulnerabilities in web applications and demonstrated how these could be exploited by hackers, leading to potential compromise of confidentiality, integrity, and availability.The study emphasised the effectiveness of input validation, client-side and server-side validation, and input sanitisation as defences against SQL injection attacks. It also stressed the importance of securing the web server with HTTPS encryption to counter packet sniffing vulnerabilities. The research underlined the importance of implementing technical security measures and maintaining vigilance in identifying and addressing potential security risks.The research contributes to existing efforts in web application security and provides a foundation for future research and development in this area. The findings also highlight the need for continuous monitoring and proactive management of web application security. Future work should explore emerging technologies and tools for enhancing web application security and developing best practices for secure web application development.