
Analysis and Evaluation of Performance Related to Java and PHP Security Codes

DOI: 10.4236/cn.2021.131004, PP. 36-49

Keywords: Applications, Attacks, XSS, Security, Java, PHP, Performances


Abstract:

In recent years, the Internet exposure of applications has continuously given rise to new forms of threats that can endanger the security of the entire system, and it raises many performance issues related to code security. The safety of information systems has become essential, which is why the performance of security code is of essential importance in the security systems of all companies. As our contribution, we carry out measurements with two tools, JMH (Java Microbenchmark Harness) and the PHP Benchmark script, applied to unsecure Java and PHP code and to code secured against SQL (Structured Query Language) injection and XSS (Cross-Site Scripting), i.e., code using prepared statements, stored procedures, whitelist input validation, and enforcement of least privilege, when this code sends queries to MySQL and PostgreSQL databases. We record the response times of these queries. From the secure Java and PHP (Hypertext Preprocessor) code, we also retrieve the response times of queries to the MySQL and PostgreSQL databases. We then obtain curves and interpretations comparing the performance of secure and unsecure code. The goal is to analyze and evaluate performance by comparing secure Java and PHP code against unsecure Java and PHP code using MySQL and PostgreSQL databases. In Section 1, we present the performance of the Java and PHP code. The configuration of the experiments and the experimental results are discussed in Sections 2 and 3, respectively.
Using the JMH tool and the PHP Benchmark script tool, we developed secure and non-secure code in Java 1.8 and PHP 7.4 that sends queries to a MySQL or PostgreSQL database to carry out the measurements. These led to the conclusion that the insecure PHP and Java code is faster in terms of response time than the secure PHP and Java code as the number of tables involved in the query increases, because the blocking times of the SQL injection and XSS preventions in the secure code increase.
