IRTUM – Institutional Repository of the Technical University of Moldova
Improving the security of a webservice: best practices and attack simulations
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | ANGHEL, Ana Magdalena | |
| dc.contributor.author | MIHALACHE, Daniel - Cristian | |
| dc.contributor.author | MELNIC, Radu | |
| dc.date.accessioned | 2025-04-25T05:59:02Z | |
| dc.date.available | 2025-04-25T05:59:02Z | |
| dc.date.issued | 2024 | |
| dc.identifier.citation | ANGHEL, Ana Magdalena; Daniel - Cristian MIHALACHE and Radu MELNIC. Improving the security of a webservice: best practices and attack simulations. In: 23rd RoEduNet IEEE International Conference: Networking in Education and Research, Romania, Bucharest, 19-20 September, 2024. Institute of Electrical and Electronics Engineers, 2024, pp.1-5. ISBN 979-83-31540-39-5, eISBN 979-83-31540-38-8, ISSN 2068-1038, eISSN 2247-5443. | en_US |
| dc.identifier.isbn | 979-83-31540-38-8 | |
| dc.identifier.isbn | 979-83-31540-39-5 | |
| dc.identifier.issn | 2247-5443 | |
| dc.identifier.issn | 2068-1038 | |
| dc.identifier.uri | https://doi.org/10.1109/RoEduNet64292.2024.10722558 | |
| dc.identifier.uri | https://repository.utm.md/handle/5014/31020 | |
| dc.description | Access full text: https://doi.org/10.1109/RoEduNet64292.2024.10722558 | en_US |
| dc.description.abstract | Most of the nowadays applications are client-server based. Exposing a webservice is a common practice, but the question is: what happens when the webservice is exposed from a low-level programming language? How can we manage to avoid the most common mistakes which can introduce vulnerabilities into the application? This paper focuses not only on some of the best practices when developing a webservice using C++, but also on improving the security of that webservice. We proposed a series of methods to enhance the security of the application and some of them were validated using an empirical approach. Through comprehensive testing and analysis into a controlled environment, we confirmed that using a digital certificate on the server side can minimize the impact of the famous “man-in-the-middle” attack. We simulated two types of attacks on the developed webservice: a passive one – “sniffing” and an active one – “man-in-the-middle”. The results underscore the fact that webservice security can also be enhanced even if it is developed using a low-level programming language. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | Institute of Electrical and Electronics Engineers | en_US |
| dc.rights | Attribution-NonCommercial-NoDerivs 3.0 United States | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/us/ | * |
| dc.subject | webservice security | en_US |
| dc.subject | attack simulations | en_US |
| dc.subject | networking | en_US |
| dc.subject | sniffing | en_US |
| dc.subject | man-in-the-middle | en_US |
| dc.subject | resource management | en_US |
| dc.title | Improving the security of a webservice: best practices and attack simulations | en_US |
| dc.type | Article | en_US |
Files in this item
The following license files are associated with this item:
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 United States