Work place: Computer Technologies Department of Muğla Vocational School, Muğla Sıtkı Koçman University, 48000, Mugla, Turkey
E-mail: guncelsariman@mu.edu.tr
Website:
Research Interests: Computer systems and computational processes, Artificial Intelligence, Computational Learning Theory, Data Structures and Algorithms, Information-Theoretic Security
Biography
Güncel Sarıman: He was born in Muğla in 1986. He was graduated from Computer Systems Teaching Department in Faculty of Technical Education in Süleyman Demirel University. He completed his master’s degree in The Department of Computer Engineering in Süleyman Demirel University. He has started his PhD and has been writing his thesis in The Department of Electronic and Communication Engineering in Süleyman Demirel University. He worked as a software engineer in the Computing Division in Suleyman Demirel University between 2010 and 2012. He has worked as a software engineer in the Computing Division in Muğla Sıtkı Koçman University since 2012. He has been working as an Assistant Professor Doctor in school of computer technologies in Muğla Sıtkı Koçman University. He has also worked on Computer, Security, Machine Learning and Artificial Intelligence.
By Guncel SARIMAN Ecir Ugur KUCUKSILLE
DOI: https://doi.org/10.5815/ijitcs.2018.07.01, Pub. Date: 8 Jul. 2018
Security and usability of web and mobile applications where users share their personal information have become to be a factor about which users should be careful. Rapid increase of developers, programming at early ages, desire for earning money by working freelance have caused widespread use of web and mobile applications and an increase of codes which contain vulnerabilities. Safe and good software development is also based on software lessons given to the students in high school or college years. This paper presents a developed testing and evaluation software in order to find out the leakages in the web applications which was developed by using asp.net, php and java languages. It is aimed that the developed analysis tool was designed to be used by engineering students as a training tool, in security courses by trainees and by programmers for testing. Within the scope of the study, security tests of web projects were carried out with static code analysis method in input control, metric analysis and style control phases. For testing the developed software tool, student web projects were used which were downloaded from "www.freestudentprojects.com" website. 10 test projects were tested in the stages of input control, metric analysis and style control. According to the results of the analysis, the errors were concentrated on Structural Query Language Injection and Cross Site Scripting attacks, which were developed by the students due to the lack of security audit in the projects.
[...] Read more.Subscribe to receive issue release notifications and newsletters from MECS Press journals