A master thesis from Aalborg University
Nidan - A Security Search Engine for The World Wide Web
Term
4. term
Education
Publication year
2019
Submitted on
2019-06-03
Pages
43 pages
Abstract
In this report, the development and usage of Nidan and KNAS are described. Nidan is a systematic webcrawler which collects all loaded JavaScript, cookies, and related metadata and stores it in a well-strutured relational database. KNAS is a data-processing tool that detects vulnerabilities connected to each visted website. These include vulnerabilities in the implemented JavaScript libraries, CMSs, and server software. Nidan and KNAS has been tested on around 2 % of the entire .dk zone file. This test showed that KNAS detected vulnerable software on 40.47 % of the websites. 92.49 % of the vulnerable websites have vulnerabilities from last year or older, meaning that the vast majority of vulnerable sites rarely update their software. From the data collected by Nidan, it is also possible to analyze the cookies. Since Nidan makes no interaction with the websites other than visiting, all tracking cookies sat break the GDPR and EU's cookie law.
Keywords
Documents
Colophon: This page is part of the AAU Student Projects portal, which is run by Aalborg University. Here, you can find and download publicly available bachelor's theses and master's projects from across the university dating from 2008 onwards. Student projects from before 2008 are available in printed form at Aalborg University Library.
If you have any questions about AAU Student Projects or the research registration, dissemination and analysis at Aalborg University, please feel free to contact the VBN team. You can also find more information in the AAU Student Projects FAQs.