This Is Auburn: Electronic Theses and Dissertations

A Survey of Web Vulnerabilities

Date

2015-05-06

Author

Fogel, Benjamin

Type of Degree

Master's Thesis

Department

Computer Science

Abstract

This study tracked the patching characteristics of the top 100,000 sites for three vulnerabilities: the POODLE attack, the POODLE TLS attack, and the FREAK attack. The study also carried out a survey of top server administrators, asking specific questions about the POODLE attack and general questions about an administrator's decision process. The goal was to identify how the web reacts and responds to known vulnerabilities, in addition to finding characteristics and tendencies of secure websites. Our research found a slow yet steady patching rate for all vulnerabilities for most sites. Additionally, our research found little evidence that a site vulnerable to one vulnerability would be vulnerable to another. Lastly, our research found that server administrators are not able to keep up with the evolving world of web vulnerabilities due to greater concerns about compatibility and server uptime.