The security of web applications has gained a lot of attention because sensitive data is available through websites. In this paper, we review the latest web attacks and their security issues, analyze the various attacks, and suggest measures that can combat or lessen attacks on the vulnerabilities. System administrators depend on intrusion detection tools to protect their systems against SQL injection, XSS and other dangerous security threats in database-centric web applications. However, the real effectiveness of these tools is usually unknown, which may lead administrators to put an unjustifiable level of trust in the tools they use. The assessed tools are less effective and perform well only in certain situations, which shows a limitation in the detection of attacks by current intrusion detection tools. We underline the strengths and weaknesses of the assessed tools based on their properties.