WEB ILOVALARDA UCHRAYDIGAN ZAIFLIKLAR VA ULARNING TAHLILI
Keywords:
Web ilovalar, xavfsizlik, zaifliklar, SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), file inclusion, security misconfiguration, tahlil, himoya choralar.Abstract
Ushbu maqolada web ilovalarda yuzaga keluvchi asosiy xavf-xatarlarga va ularning tahliliga bag‘ishlangan. Hozirgi axborot muhitida veb-ilovalar turli sohalarda, jumladan bank, ta'lim, sog‘liqni saqlash, va davlat xizmatlarida muhim rol o‘ynaydi. Shu sababli, veb-ilovalar xavfsizligi butun axborot tizimlarining xavfsizligi bilan bevosita bog‘liqdir. Maqolada veb-ilovalarda eng ko‘p uchraydigan zaifliklar, jumladan SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), file inclusion va security misconfiguration kabi xavf-xatarlar tahlil qilinadi. Har bir zaiflikning qanday yuzaga kelishi, uning xavf darajasi va himoya choralariga e'tibor qaratilgan.
References
1. OWASP Foundation. (2021). “OWASP Top 10 - 2021.” OWASP Foundation.
2. Shostack, A. (2014). Threat Modeling: Designing for Security. Wiley.
3. Howard, M., LeBlanc, D., & Viega, J. (2012). 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. McGraw-Hill.
4. CWE/SANS Top 25 Most Dangerous Software Errors. (2020). Common Weakness Enumeration.
5. RIST, S. & FERRARI, E. (2020). Practical Web Application Security. O'Reilly Media.
6. OWASP Foundation. (2017). OWASP Web Security Testing Guide (WSTG). OWASP.
