well the topic is "Web Security". And how it is used in modern web sites , browsers n all

Web Security
Web Security
Student Name
University Name
Unit Name
Unit Code
Contents
Abstract    3
Introduction    3
Research Objective    4
Literature Review    5
Research methodology    14
Conclusion    15
References    16
Abstract
For a long time, cybersecurity has been one of the hottest research areas, both in analysis and testing and in later mitigation strategies. The Web security menaces have experienced a lot of complexity as compared to the primary introduction; in addition, they are getting more and more evolved daily. The target of the attack has undergone considerable changes in the recent years. Previously, customers were overlooked when selecting targets. However, in the recent years, client users have become the key target of the attack, because the opponent believes that end user is the weakest link in the safety chain. As a result of all these modern developments, the traditional security devices cannot be used to detect or analyze attacks against these new attacks. In this context, this report provides a brief introduction to "web security" and how to use it in modern websites such as browsers.
Introduction
There has been a lot of work in the past, so various counter notifications have been developed to reduce the cybersecurity threats. The available research levels or strategies available in practice can be broadly divided into two categories: Anomaly and learning-based methods. There are advantages and disadvantages to each method. The exception-based approach depends on actions, traffic patterns, generated scenarios, and attack characteristics. They require detailed logging/history maintenance to collect the so-called "attack signature" for continuous and rapid updates of the attack set, "attack signature database" under the attack. Also, due to synchronization problems with attack signature database, they cannot work and cannot find out what has not been seen in the past. On the other hand, a learning-based approach is a characteristic of learning behaviours and techniques for the attack, such as hooking in some API / system calls. It is often difficult to develop because "smart" requires a mechanism just like the device. Nevertheless, learning-based methods are very effective compared to exception-based methods because they can learn and defend against new attacks that can be recorded in history, fast and without sync problems, because "attacks Signature library "is not included. And there is no resource overhead. The serious lack of learning-based method is that they are prone to false positive numbers.
Research Objective
Web security analysis conducted by various stakeholders shows that cybersecurity threats are usually caused by website coding or programming errors, and poor website input and output. These errors exploit the vulnerability of the hacker community and launch an attack on the site. The safety of web applications, fundamental operating systems as well as computer networks is at the risk. The presence and use path of the access path on the web system can be continuously assessed in order to evaluate the risk level of business. The type of cyber attack introduced by the hackers depends upon several factors. Maximum factors are specific to cyber attacks and will be discussed in this article (Jewliya, 2017).
The main purpose of this study is to control or minimize the risk of web attacks on the nature of web attacks, the details of the vulnerabilities, the level of risk that can be triggered and organizational information and business operations. With the significant increase in Internet usage, web security risks have increased in the name of profanity, hacking or network destruction. A threat is a factor which causes anxiety or fear, especially due to later events (results). Cybersecurity threats are mounting and creating fears of organizations or individuals.
Literature Review
According to the study conducted by (Chaudhry, Farash, Naqvi, Kumari & Khan, 2015) on the basis of various methods, the proposal of several techniques and tools have been proposed to reduce security attacks for some time, which are useful for detecting, analyzing or preventing attacks. The exception-based approach is described in detail and generalization and attribution techniques have been used to detect cyber attacks. This article discusses the techniques used in detail, facing problems, and so on. Based on static program analysis, a general intrusion detection system has been expanded. The multi-model approach to detect web attacks. Regarding malware, the reference discusses the extent of the use of static analysis techniques to detect malware in detail. According to (Lee, 2014), a web browser is a commonly utilized software application to access web pages and resources using Internet. According to (Collie, 2018) the browser can likewise be utilized to access the information provided by files in a web server or to access file systems in a private network. At per Jewliya, (2017) the most common web browsers to date are Google Chrome, Firefox, Microsoft Edge (formerly Internet Explorer) opera and safari. Given the sensitivity of these different web browsers to manipulate information, they primarily target a series of terrorist acts, for example, identity theft, intelligence gathering, malware distribution etc. to cybercriminals. Djellali, Belarbi, Chouarfia & Lorenz, (2015) gives a list of some best practices and techniques. Help computer users browse the Internet safely and securely (Djellali B. C., 2015). Users must use the latest version of the user's chosen web browser. Specifically, Chrome and Firefox have security features called Automatic Updates. The browser plugin is the extension that detects functionality of the web browser further. Few extensions are created utilizing web technologies, for example, HTML, CSS and JavaScript. Few web browsers may install malicious and unwanted extensions in the browser, for instance, adware. Most of the infections are due to the download as well as the installation of free software. Singh, Bhardwaj & Abdul Qadeer, (2012), states that each web browser has built-in capabilities to view the built-in plugin and select the plugin that is enabled. Almost all modern web browsers and many websites often provide auto-complete functionality. As per Djellali, Belarbi, Chouarfia & Lorenz, (2015) enabling these features passwords are stored on your computer at any location, so network attackers make it easy to access those passwords so that it can be ascertained whether the system has been compromised or not. If the user has enabled this feature, disable it then clear stored passwords (Djellali B. C., 2015). A different password for each financial account such as email and online banking accounts should be used. Reusing a single password is a big risk. For instance, if a network attacker calculates a password for an account, they can access personal information. Freeman, in his study of (2010) states that it is significant to utilize numbers in a password, and it is difficult to guess the combination of symbols and uppercase and lowercase letters (Freeman, 2010). Pop-ups are generally the forms of an online advertising used to run web traffic or to capture email addresses. A novel web browser window opens to display a pop-up window ad. While many emails and pop-up from reputed companies are harmless, adware programs that make illegal malware pop-ups along with malware spam may install spyware to hijack the browser and obtain personal information. It is highly suggested to disable pop-ups via browser configuration or install an effective browser extension named Adblock. Gradon, (2013) states that there is also need to install the NoScript, which "pre-populates malicious script and adware. VPN or virtual private network technology allows anyone to connect securely to private networks using public networks. VPN encrypts all Internet traffic. Therefore, all users' information and data are more. The proxy server is another way of securing mission-critical files online, proxy settings can be discovered on the internet browser. As per (Jones, 2001) users also need to utilize an Internet-based proxy or proxy server, or a combination of both (Jones, 2001).
Since the early days as a pure research project, the...