Vulnerability Assessment of Some Key Nigeria Government Websites

Abstract

Ministries, Department and Agencies (MDA‟s) websites are useful constituents for information dissemination and citizen centric services. Various vulnerabilities exist in this websites. In this paper, vulnerabilities found in MDA‟s website are categorized and analyzed based on Open Web Application Security Project (OWASP) Top 10 to understand impact of these vulnerabilities on web security of MDA‟s websites. In this study we have analyzed security pertaining to 10 MDA‟s websites. We found vulnerabilities in all websites with different degree of security risk. To achieve the results we have cross tabulated vulnerabilities found in these websites with their security risk level. As a result the research work found that vulnerability A4insecure direct object reference with 49% is the main contributor of web security risk in MDA‟s websites. Apart from this it is clearly evident that majority of the vulnerabilities found in MDA‟s websites belongs to informational risk group with 45.82% but still few high impacting vulnerabilities exists and needs to be handle without delay. Thus, the paper contributed towards the understanding of web security risk in MDA‟s websites.