Organizing Classification of Application Logic Attacks in Component-based E-Commerce Systems
- 1 University of Southern Queensland, Australia
- 2 USQ, Australia
- 3 MIT, Australia
Abstract
This research paper addresses the taxonomy of application logic attacks that arise from unclear and incorrect implementation in component-based applications. The issue concerns the detection and classification of two separate types of vulnerabilities in component-based applications. The paper pursues this aim by organising the classification of each attack; it then proposes a classification of logical vulnerabilities and discusses the two distinct forms of weakness and coding faults in the application software found in the mid-level of the framework. The most important argument is to desegregate awareness of attack patterns with boundary profile status relevant to an application logic vulnerability and possible threats. After a review of two different types of attack taxonomies, a taxonomy based on logical vulnerability classification is proposed.
DOI: https://doi.org/10.3844/jcssp.2021.1046.1058
Copyright: © 2021 Faisal Nabi, Jianming Yong, Xiaohui Tao, Muhammad Farhan and Nauman Naseem. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
Keywords
- E-Commerce
- Web Software Application
- CBS Design Flaws
- Logical Attack
- Vulnerability and Taxonomy
- Software Security Flaw