API vulnerabilities: Current status and dependencies

Touhid Bhuiyan, Afsana Begum, Sharifur Rahman, Imran Hadid

Research output: Contribution to journalArticlepeer-review

Abstract

Recently API (Application Programming Interface) is becoming more popular for developers. When software is designed, most of the time, developers need to use APIs to manage a specific task. Developers use various kinds of APIs. Some of them are built by themselves and some are used from public APIs. API is a set of functions and procedures that allows another program or application to get access to features or data. Public APIs are open in public networks; developers collect these APIs depending on their specific needs. Developers need to interact with other software, as a result, a developer can conduct specific task without authorization to access the entirety of the software. It definitely reduces our loads at the same time introduces risks. In the end every developer wants to ensure security to his/her application. Commonly used public APIs are not enough secure to provide security to confidential data. We focused on these public APIs that are commonly used by developers. We tested a set of public APIs in our security lab and we have found many vulnerabilities that are highly alarming for developers who are going to use these API. In this paper we have tried to introduce the current status of vulnerable APIs. Moreover, several relationships exist between API vulnerabilities. In this paper we have also discussed the dependencies and rela-tionships between API vulnerabilities.
Original languageEnglish
Pages (from-to)9-13
Number of pages5
JournalInternational Journal of Engineering and Technology(UAE)
Volume7
Issue number2
DOIs
Publication statusPublished - 1 Jan 2018
Externally publishedYes

Keywords

  • API
  • API CORS
  • API IDOR
  • API Problems
  • API Security
  • API Vulnerability
  • Public API's
  • Test API vulnerabilities
  • Vulnerability

Fingerprint

Dive into the research topics of 'API vulnerabilities: Current status and dependencies'. Together they form a unique fingerprint.

Cite this