International Journal of Management, IT and Engineering
  • Year: 2012
  • Volume: 2
  • Issue: 4

Incorporating security into Web Applications - An Aspect oriented approach

  • Author: Dhanya Pramod
  • Total Page Count: 20
  • Page Number: 122 to 141

Symbiosis Centre for Information Technology (Symbiosis International University), Pune - 411057, India

Online published on 26 June, 2013.

Abstract

In this era of collaborative computing and networked, shared web applications, ensuring the safety and privacy of data stored on computers and transmitted over the internet has become critically important. Web applications hosted today are exposed to risk, and addressing this is a primary concern for organizations. An aspect-oriented method for injecting the security concern into web applications is proposed to address this risk. This work outlines the self-defense mechanism that should be injected into a web application. The top vulnerabilities found in web applications are addressed, and countermeasures are designed as aspects. These aspects are then injected into the hotspots of web applications. The method used to identify the hotspots is also covered in the paper. The paper then covers the experimental approach for detecting the vulnerabilities and testing the correctness of the self-defense approach. Experiments with various existing applications revealed many vulnerabilities. The experiments were also run after injecting the aspect package, and the web applications were found to be able to defend against the vulnerabilities under consideration. The performance of the application before and after injecting the aspect is measured in order to justify the feasibility of the solution.

Keywords

Web Application, Aspect oriented approach, vulnerability, self defense, cross-site scripting, SQL Injection