Towards Secure APIs: A Survey on RESTful API Vulnerability Detection
Guardado en:
| Publicado en: | Computers, Materials, & Continua vol. 84, no. 3 (2025), p. 4223-4258 |
|---|---|
| Autor principal: | |
| Otros Autores: | , , |
| Publicado: |
Tech Science Press
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text - PDF |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3238361630 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 1546-2218 | ||
| 022 | |a 1546-2226 | ||
| 024 | 7 | |a 10.32604/cmc.2025.067536 |2 doi | |
| 035 | |a 3238361630 | ||
| 045 | 2 | |b d20250101 |b d20251231 | |
| 100 | 1 | |a Fatima Tanveer | |
| 245 | 1 | |a Towards Secure APIs: A Survey on RESTful API Vulnerability Detection | |
| 260 | |b Tech Science Press |c 2025 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a RESTful APIs have been adopted as the standard way of developing web services, allowing for smooth communication between clients and servers. Their simplicity, scalability, and compatibility have made them crucial to modern web environments. However, the increased adoption of RESTful APIs has simultaneously exposed these interfaces to significant security threats that jeopardize the availability, confidentiality, and integrity of web services. This survey focuses exclusively on RESTful APIs, providing an in-depth perspective distinct from studies addressing other API types such as GraphQL or SOAP. We highlight concrete threats—such as injection attacks and insecure direct object references (IDOR)—to illustrate the evolving risk landscape. Our work systematically reviews state-of-the-art detection methods, including static code analysis and penetration testing, and proposes a novel taxonomy that categorizes vulnerabilities such as authentication and authorization issues. Unlike existing taxonomies focused on general web or network-level threats, our taxonomy emphasizes API-specific design flaws and operational dependencies, offering a more granular and actionable framework for RESTful API security. By critically assessing current detection methodologies and identifying key research gaps, we offer a structured framework that advances the understanding and mitigation of RESTful API vulnerabilities. Ultimately, this work aims to drive significant advancements in API security, thereby enhancing the resilience of web services against evolving cyber threats. | |
| 653 | |a Web services | ||
| 653 | |a Taxonomy | ||
| 653 | |a Application programming interface | ||
| 653 | |a Static code analysis | ||
| 653 | |a Design defects | ||
| 700 | 1 | |a Iradat, Faisal | |
| 700 | 1 | |a Iqbal, Waseem | |
| 700 | 1 | |a Ahmad, Awais | |
| 773 | 0 | |t Computers, Materials, & Continua |g vol. 84, no. 3 (2025), p. 4223-4258 | |
| 786 | 0 | |d ProQuest |t Publicly Available Content Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3238361630/abstract/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3238361630/fulltextPDF/embedded/6A8EOT78XXH2IG52?source=fedsrch |