Singapore Institute of Technology
Browse

Unifying Web Security Assessments with MALA: A Modular Approach

Download (3.31 MB)
conference contribution
posted on 2024-07-15, 08:06 authored by Zeus Sze Hao Chan, Hon Ngee Teo, Jing Hao Lim, Leslie Zhen Yong Tan, Huaqun GuoHuaqun Guo

In the realm of cybersecurity, web applications are increasingly vulnerable to cyber-attacks, which necessitate effective web security tools to identify and mitigate vulnerabilities and threats. Open-source web security tools contributed by the community play a crucial role in detecting such vulnerabilities and threats. However, the multitude of open-source web security tools available often present a challenge for cyber security professionals in terms of syntax variations and inconsistencies across different tools, requiring them to familiarise themselves with multiple tool-specific syntaxes. The team has prototyped a novel new web security tool called Modularised Attack Landscape Analyser (MALA) to combat this. MALA aims to solve the problems faced by cyber security professionals by providing an interface by which commonly used open-source web security tools can be run using a standardised syntax, thereby improving overall productivity of cyber security professionals and easing their burdens as they carry out their work.

History

Journal/Conference/Book title

2023 IEEE International Conference on Service Operations and Logistics, and Informatics (SOLI)

Publication date

2024-02-14

Version

  • Post-print

Rights statement

© 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Corresponding author

Huaqun Guo, huaqun.guo@singaporetech.edu.sg

Project ID

  • 11679 (R-IE2-A405-0002) Investigating Security Situation Awareness against Ransomware Attacks

Usage metrics

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC