Web security: Research challenges and open issues

Abstract

It has been observed for a quite long time that Web Security has been one of hot research areas, from point of view of be it either analysis or detection and later developing mitigation plans. Web security threats have undergone much sophistication compared to their initial introduction and they are becoming more & more evolved everyday. The evolution might be in terms of new ways of attack or bringing in resistance to using simulated OS or VM environments. Also, there has been considerable shift in the target of attacks in recent years. Earlier, clients were ignored while choosing targets. But, in recent years client user has become the main target for attacks as the adversary believe that the end user is the weakest link in the security chain. As a result of all these latest developments traditional security tools have been ineffective against these new attacks either for detecting or analyzing the attacks. In this regard this paper presents a brief survey of research challenges and open issues in the area of web security under the suitable subtitles depending upon type of attack associated with the issues. � 2011 Springer-Verlag.