Abstract
![CDATA[The widespread adoption of web vulnerability scanners and their differences in effectiveness make it necessary to benchmark these scanners. Moreover, the literature lacks the comparison of the results of scanners effectiveness from different benchmarks. In this paper, we first compare the performances of some open source web vulnerability scanners of our careful choice by running them against the OWASP benchmark, which is developed by the Open Web Application Security Project (OWASP), a well-known non-profit web security organization. Furthermore, we compare our results from the OWASP benchmark with the existing results from the Web Application Vulnerability Security Evaluation Project (WAVSEP) benchmark, another popular benchmark used to evaluate scanner effectiveness. We are the first to make a comparison between these two benchmarks in literature. Our evaluation results allow us to make some valuable recommendations for the practice of benchmarking web scanners.]]
Original language | English |
---|---|
Title of host publication | Proceedings of the 26th International Conference on Systems Engineering (ICSEng 2018), December 18-20, 2018, University of Technology Sydney, Australia |
Publisher | IEEE |
Number of pages | 6 |
ISBN (Print) | 9781538678343 |
DOIs | |
Publication status | Published - 2018 |
Event | International Conference on Systems Engineering - Duration: 18 Dec 2018 → … |
Conference
Conference | International Conference on Systems Engineering |
---|---|
Period | 18/12/18 → … |
Keywords
- World Wide Web
- computer security
- security measures
- web applications