A SIMULATION-BASED LEARNING PLATFORM FOR TESTING WEB APPLICATION SECURITY

Abstract

Web applications have become an integral part of the digital world. However, with the increased use of such applications, the number of vulnerabilities has also increased exponentially in recent times. Attackers exploit these vulnerabilities for malicious purposes. One of the main reasons for such exploitation possibilities is the lack of knowledge and proper training of users and developers about such vulnerabilities.  In this paper, we propose a simulation environment for web application vulnerabilities that can be utilized by normal users as well as developers to educate themselves about such vulnerabilities and also test their applications. We develop a customizable framework for the simulation of various stages and levels of vulnerabilities and practical training. Moreover, the security of applications related to the web is improved with such a platform, as it will help users to learn, identify, and assess web application vulnerabilities. Existing learning and simulation environments are very limited and struggle to keep up with the dynamic nature of web applications and emerging attack vectors. Our proposed simulation environment is Intuitive and adaptive, aiming at enhancing web application security testing. The simulation environment is tested by a number of users from various categories to check its effectiveness, accuracy, and user-friendliness compared to the existing tools and environments