Title Vulnerability testing and analysis of educational institution websites within Lithuania
Translation of Title Lietuvos švietimo įstaigų svetainių pažeidžiamumo testavimas ir analizė.
Authors Kovalenkinaitė, Goda Klaudija
Pages 54
Keywords [eng] Vulnerability Testing, Automated Testing, ZAP, N-Stalker, DBSCAN, K-Means, Gaussian Mixture, t-SNE, MDS
Abstract [eng] The security of web applications is an integral part of ensuring the safety of humans and their data in today's increasingly connected world. Web-based systems are often a target of cyber attacks, thus vulnerability testing is a critical process in computer system and network security. Automated scanners, two of which, ZAP and N-Stalker, have been chosen for the thesis, have been an effective tool for identifying vulnerabilities in a costless and timely manner. This thesis presents a study of the use of automated scanners on 100 websites within educational institutions. It can be challenging to determine which tool is best suited for a particular testing scenario, therefore the comparison between the scanners was done using the clustering methods DBSCAN, K-Means and Gaussian Mixture. In addition, scaling and the dimensionality reduction methods t-SNE and MDS were applied for better implications and visualizations of the data. It was observed that DBSCAN provided the highest Silhouette Scores and Calinski-Harabasz index, thus performing better than the K-Means and Gaussian Mixture algorithms. It was also concluded that from 56% to 92% of websites fell into the same clusters across the three clustering algorithms, illustrating the similarities between the scanners' vulnerability detection.
Dissertation Institution Vilniaus universitetas.
Type Master thesis
Language English
Publication date 2023