diplomsko delo
Abstract
Diplomsko delo se osredotoča na analizo petih najbolj pogostih ranljivosti spletnih sistemov ter sistemov za upravljanje spletnih vsebin (CMS): na medsebojno skriptiranje, vrivanje kode SQL, napad z enim klikom, dvig privilegija in ugrabitev seje uporabnika. Analizirani so najpogostejši scenariji omenjenih ranljivosti, vzroki za vdore in možni načini za zaščito pred napadi. Ugotovili smo, da je glavni razlog napadov zastarela oziroma nezadostna varnost spletnih sistemov. Tako smo izpostavili ključne točke, kako se zavarovati proti vsem omenjenim ranljivostim ter s pomočjo analize ranljivosti ustvarili podlago za nadaljnje raziskave glede varnosti spletnih sistemov.
Keywords
sistem za upravljanje spletnih vsebin CMS;vdor;vtičniki;ranljivost sistemov;varnost;diplomske naloge;
Data
Language: |
Slovenian |
Year of publishing: |
2021 |
Typology: |
2.11 - Undergraduate Thesis |
Organization: |
UM FERI - Faculty of Electrical Engineering and Computer Science |
Publisher: |
[R. Nabergoj] |
UDC: |
004.77.056(043.2) |
COBISS: |
92403459
|
Views: |
241 |
Downloads: |
28 |
Average score: |
0 (0 votes) |
Metadata: |
|
Other data
Secondary language: |
English |
Secondary title: |
Security analysis of web content management systems |
Secondary abstract: |
This thesis focuses on the analysis of the five most common vulnerabilities of web systems and web content management systems (CMS): Cross-Site Scripting, SQL Injection, Cross-Site Request Forgery, Privilege Escalation Attacks and Session Fixation Attacks. Through the analysis we presented the most common scenarios of the mentioned vulnerabilities, why intrusions occur, and what the owners of web systems can do to protect themselves from these attacks. We found that the main reason for the attacks were outdated web systems with insufficient security. Thus, we highlighted the key points of how to protect web systems against these vulnerabilities, and through our vulnerability analysis created the basis for further research on the security of web systems. |
Secondary keywords: |
CMS;intrusion;plug-ins;system vulnerabilities;security; |
Type (COBISS): |
Bachelor thesis/paper |
Thesis comment: |
Univ. v Mariboru, Fak. za elektrotehniko, računalništvo in informatiko, Medijske komunikacije |
Pages: |
VIII, 41 str. |
ID: |
13337538 |