Evaluation and monitoring of XSS defensive solutions: a survey, open research issues and future directions.

Detailed bibliography
Title: Evaluation and monitoring of XSS defensive solutions: a survey, open research issues and future directions.
Authors: Gupta, Shashank; Gupta, B. B.
Source: Journal of Ambient Intelligence & Humanized Computing; Nov2019, Vol. 10 Issue 11, p4377-4405, 29p
Abstract: XSS is well-thought-out to be an industry-wide problem that is affecting the diverse contemporary web platforms. The collection of most recent web application reports revealed that XSS reserved the topmost position among all other cyber-attacks. This survey article wishes to present the improvements related to XSS worm defensive methodologies. We have enlarged our discussion to different classes of XSS attacks, i.e., non-persistent, persistent, DOM-Based and mutation-based XSS attacks that have recently been stated in the state-of-art. This complete survey offers full vision into the classification, avoidance, recognition and alleviation mechanisms of such attacks. In addition, broad solution classification has been designed for the classification of approaches used by numerous contributions. This article discusses the impact of real world XSS worms and the associated recent real world incidents of such worms. Existing client-side, server-side, proxy-enabled and certain other XSS defensive techniques were presented with an aim to recognize their key contributions and the current performance concerns. In the end, we present certain future research guidelines, a complete mechanism and the associated requirements towards the designing of an effective and robust XSS defensive methodology. [ABSTRACT FROM AUTHOR]
Copyright of Journal of Ambient Intelligence & Humanized Computing is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Description
ISSN: 18685137
DOI: 10.1007/s12652-018-1118-3