Cybersecurity and validation methods of online computing systems: a systematic mapping of the literature
DOI:
https://doi.org/10.62059/LatArXiv.preprints.151
Keywords:
Authentication, Biometrics, Cybercrime, Computer security
Abstract
Context: Web applications are subject to attacks from different locations at various levels of scale and complexity. In this context, both developers and researchers have proposed many techniques, tools and test frameworks to test the security of web applications effectively and efficiently and thereby avoid the rise of cybercrime.
Objective: Our goal is to summarize the state of the art in web application security testing so that professionals can make use of that information.
Method: We reviewed and structured the body of knowledge related to web application security testing in the form of a systematic literature mapping. In this study, we posed three sets of research questions, defined selection and exclusion criteria, and systematically developed a classification scheme. The initial group consisted of 1058 articles; after the inclusion/exclusion of articles, 226 technical articles remained, and after applying a last filter, 13 articles made up our final group. This review includes all works until 2023.
Results: This review document provides an overview of security testing of web applications with different types of authentication, with a preponderance of biometric validation.
Data Availability Statement
https://www.researchgate.net/
License
Copyright (c) 2024 Alfredo Horacio Rios (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
This preprint contains the reported license and associated copyright. Once published in an associated journal or other publisher, the published version assumes the publisher's terms and conditions.