A NOVEL FRAMEWORK TO ALLEVIATE DISSEMINATION OF XSS WORMS IN ONLINE SOCIAL NETWORK (OSN) USING VIEW SEGREGATION
In this paper, we propose a client-server based framework that alleviates the dissemination of XSS worms from the OSN. The framework initially creates the views corresponding to retrieved request on the server-side. Such views indicate that which part of the generated web page on the server can be a...
Gespeichert in:
| Veröffentlicht in: | Neural Network World Jg. 27; H. 1; S. 5 - 25 |
|---|---|
| Hauptverfasser: | , |
| Format: | Journal Article |
| Sprache: | Englisch |
| Veröffentlicht: |
Prague
Institute of Information and Computer Technology
01.01.2017
Czech Technical University in Prague, Faculty of Transportation Sciences |
| Schlagworte: | |
| ISSN: | 1210-0552, 2336-4335 |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Abstract | In this paper, we propose a client-server based framework that alleviates the dissemination of XSS worms from the OSN. The framework initially creates the views corresponding to retrieved request on the server-side. Such views indicate that which part of the generated web page on the server can be accessed by user depending on the generated Access Control List (ACL). Secondly, JavaScript attack vectors are retrieved from the HTTP response by referring the blacklist repository of attack vectors. Finally, injection of sanitization primitives will be done on the client-side in place of extracted JavaScript attack vectors. The framework will perform the sanitization on such attack vectors strictly in a context-aware manner. The experimental testing of our framework has performed on the two platforms of open source OSN-based web applications. The observed detection rate of JavaScript attack vectors was effective and acceptable as compared to other existing XSS defensive methodologies. The proposed framework has optimized the method of auto-context-aware sanitization in contrast to other existing approaches and hence incurs a low and acceptable performance overhead. |
|---|---|
| AbstractList | In this paper, we propose a client-server based framework that alleviates the dissemination of XSS worms from the OSN. The framework initially creates the views corresponding to retrieved request on the server-side. Such views indicate that which part of the generated web page on the server can be accessed by user depending on the generated Access Control List (ACL). Secondly, JavaScript attack vectors are retrieved from the HTTP response by referring the blacklist repository of attack vectors. Finally, injection of sanitization primitives will be done on the client-side in place of extracted JavaScript attack vectors. The framework will perform the sanitization on such attack vectors strictly in a context-aware manner. The experimental testing of our framework has performed on the two platforms of open source OSN-based web applications. The observed detection rate of JavaScript attack vectors was effective and acceptable as compared to other existing XSS defensive methodologies. The proposed framework has optimized the method of auto-context-aware sanitization in contrast to other existing approaches and hence incurs a low and acceptable performance overhead. |
| Author | B.B. Gupta P. Chaudhary |
| Author_xml | – sequence: 1 givenname: Pooja surname: Chaudhary fullname: Chaudhary, Pooja – sequence: 2 givenname: B. B. surname: Gupta fullname: Gupta, B. B. |
| BookMark | eNp9kTFv2zAQRokgBeok3TsS6JIOco-kKEqj4NIuUZkCLMXORtASBShwpFSSh_77MnKHNkOmwwHv-3CHd4Ouu75zCH0msCQhI-Sb1oclBSKWVCwByBVaUMaiIGSMX6MFoQQC4Jx-RDfj-AQQ8iQOF6hPsc73MsPrXbqVh3z3E5c5TrNM7lVaSvxdFYXcKp2WKtc4X-PHosAe2xZY-V1nSktc5CuVZljLci64zwv9FT8USm_wXskDLuRmJzdzxR360NjT6D79nbfoYS3L1Y8gyzdqlWaBZVE0BbZOasvA_9MwcJbVjnBWN8Q5SCrB6sTxmh55DZGohYvDyIkoEUdojlXlBOPsFt1fel-G_tfZjZN5bsfKnU62c_15NCSBkAJnPPbolzfoU38eOn-dIXEcC855SDwVXahq6MdxcI2p2slObd9Ng21PhoCZPRjvwbx6MFQY78EH4U3wZWif7fD7vYi8RGw7tFP7zz3e4qvEmYZ5xMBpCECj_xduKGd_ABcWlSo |
| CitedBy_id | crossref_primary_10_1016_j_scs_2022_103765 crossref_primary_10_3390_s22051959 crossref_primary_10_1109_TNSE_2018_2862948 crossref_primary_10_1016_j_jisa_2019_06_007 crossref_primary_10_1016_j_jss_2017_11_001 crossref_primary_10_1109_ACCESS_2017_2700011 crossref_primary_10_1109_ACCESS_2019_2955983 crossref_primary_10_1016_j_future_2018_05_017 crossref_primary_10_1007_s00500_020_05077_2 crossref_primary_10_1007_s00500_019_03901_y crossref_primary_10_1007_s11042_017_5402_6 crossref_primary_10_1109_ACCESS_2020_3016986 crossref_primary_10_4018_IJCAC_2018070103 |
| ContentType | Journal Article |
| Copyright | Copyright Czech Technical University in Prague, Faculty of Transportation Sciences 2017 |
| Copyright_xml | – notice: Copyright Czech Technical University in Prague, Faculty of Transportation Sciences 2017 |
| DBID | 188 AAYXX CITATION 3V. 4T- 4U- 7SC 7XB 88I 8AL 8FD 8FE 8FG 8FK ABUWG AFKRA ARAPS AZQEC BENPR BGLVJ BYOGL CCPQU DWQXO GNUQQ HCIFZ JQ2 K7- L7M L~C L~D M0N M2P P5Z P62 PHGZM PHGZT PKEHL PQEST PQGLB PQQKQ PQUKI PRINS PSYQQ Q9U |
| DOI | 10.14311/NNW.2017.27.001 |
| DatabaseName | Airiti Library CrossRef ProQuest Central (Corporate) Docstoc University Readers Computer and Information Systems Abstracts ProQuest Central (purchase pre-March 2016) Science Database (Alumni Edition) Computing Database (Alumni Edition) Technology Research Database ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central (Alumni) (purchase pre-March 2016) ProQuest Central (Alumni) ProQuest Central UK/Ireland Advanced Technologies & Computer Science Collection ProQuest Central Essentials - QC ProQuest Central ProQuest Technology Collection East Europe, Central Europe Database (ProQuest) ProQuest One Community College ProQuest Central Korea ProQuest Central Student SciTech Premium Collection ProQuest Computer Science Collection Computer Science Database Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional Computing Database Science Database (ProQuest) Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection Proquest Central Premium ProQuest One Academic (New) ProQuest One Academic Middle East (New) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic (retired) ProQuest One Academic UKI Edition ProQuest Central China ProQuest One Psychology ProQuest Central Basic |
| DatabaseTitle | CrossRef ProQuest One Psychology University Readers Computer Science Database ProQuest Central Student Technology Collection Technology Research Database Computer and Information Systems Abstracts – Academic ProQuest One Academic Middle East (New) ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Computer Science Collection Computer and Information Systems Abstracts ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Central China ProQuest Central ProQuest One Applied & Life Sciences ProQuest Central Korea ProQuest Central (New) Advanced Technologies Database with Aerospace Advanced Technologies & Aerospace Collection ProQuest Computing ProQuest Science Journals (Alumni Edition) ProQuest Central Basic ProQuest Science Journals ProQuest Computing (Alumni Edition) ProQuest One Academic Eastern Edition East Europe, Central Europe Database ProQuest Technology Collection ProQuest SciTech Collection Computer and Information Systems Abstracts Professional Advanced Technologies & Aerospace Database ProQuest One Academic UKI Edition Docstoc ProQuest One Academic ProQuest Central (Alumni) ProQuest One Academic (New) |
| DatabaseTitleList | Computer and Information Systems Abstracts ProQuest One Psychology |
| Database_xml | – sequence: 1 dbid: BYOGL name: East Europe, Central Europe Database (ProQuest) url: https://search.proquest.com/eastcentraleurope sourceTypes: Aggregation Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISSN | 2336-4335 |
| EndPage | 25 |
| ExternalDocumentID | 4321756955 10_14311_NNW_2017_27_001 12100552_201702_201805240026_201805240026_5_25 |
| Genre | Feature |
| GroupedDBID | 123 188 29N 2UF 3V. 53G 88I 8FE 8FG 8R4 8R5 ABUWG ACGOD AENEX AFKRA AINHJ ALMA_UNASSIGNED_HOLDINGS ARAPS AZQEC BENPR BGLVJ BPHCQ BYOGL CCPQU CNMHZ CVCKV DWQXO EOJEC GNUQQ HCIFZ K6V K7- M0N M2P OBODZ P2P P62 PQQKQ PROAC PSYQQ Q2X TUS TUXDW UZ4 AAYXX ADMLS AFFHD ATFKH CITATION PHGZM PHGZT PQGLB 4T- 4U- 7SC 7XB 8AL 8FD 8FK JQ2 L7M L~C L~D PKEHL PQEST PQUKI PRINS Q9U |
| ID | FETCH-LOGICAL-a366t-ad9da30201f30ea3de153df1ee09c73d9e5d2b5d067d7e846e7697b0fbcce7353 |
| IEDL.DBID | M2P |
| ISICitedReferencesCount | 19 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000396645200002&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 1210-0552 |
| IngestDate | Sun Nov 09 10:28:49 EST 2025 Sun Oct 05 00:21:51 EDT 2025 Sat Nov 29 03:19:00 EST 2025 Tue Nov 18 21:32:36 EST 2025 Tue Oct 01 22:53:24 EDT 2024 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Keywords | Cross-Site Scripting (XSS) worms online social network security URI links |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a366t-ad9da30201f30ea3de153df1ee09c73d9e5d2b5d067d7e846e7697b0fbcce7353 |
| Notes | SourceType-Scholarly Journals-1 ObjectType-Feature-1 content type line 14 ObjectType-Article-1 ObjectType-Feature-2 content type line 23 |
| PQID | 1888755541 |
| PQPubID | 2036027 |
| PageCount | 21 |
| ParticipantIDs | proquest_miscellaneous_1904205358 proquest_journals_1888755541 crossref_citationtrail_10_14311_NNW_2017_27_001 crossref_primary_10_14311_NNW_2017_27_001 airiti_journals_12100552_201702_201805240026_201805240026_5_25 |
| PublicationCentury | 2000 |
| PublicationDate | 2017-01-01 |
| PublicationDateYYYYMMDD | 2017-01-01 |
| PublicationDate_xml | – month: 01 year: 2017 text: 2017-01-01 day: 01 |
| PublicationDecade | 2010 |
| PublicationPlace | Prague |
| PublicationPlace_xml | – name: Prague |
| PublicationSubtitle | International Journal on Neural and Mass - Parallel Computing and Information Systems |
| PublicationTitle | Neural Network World |
| PublicationYear | 2017 |
| Publisher | Institute of Information and Computer Technology Czech Technical University in Prague, Faculty of Transportation Sciences |
| Publisher_xml | – name: Institute of Information and Computer Technology – name: Czech Technical University in Prague, Faculty of Transportation Sciences |
| SSID | ssj0045984 |
| Score | 2.1592412 |
| Snippet | In this paper, we propose a client-server based framework that alleviates the dissemination of XSS worms from the OSN. The framework initially creates the... |
| SourceID | proquest crossref airiti |
| SourceType | Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 5 |
| SubjectTerms | Acceptability Access control Applications programs Client server computing Java (programming language) Network security Neural networks Platforms Repositories Segregations Social networks |
| Title | A NOVEL FRAMEWORK TO ALLEVIATE DISSEMINATION OF XSS WORMS IN ONLINE SOCIAL NETWORK (OSN) USING VIEW SEGREGATION |
| URI | https://www.airitilibrary.com/Article/Detail/12100552-201702-201805240026-201805240026-5-25 https://www.proquest.com/docview/1888755541 https://www.proquest.com/docview/1904205358 |
| Volume | 27 |
| WOSCitedRecordID | wos000396645200002&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVPQU databaseName: Advanced Technologies & Aerospace Database customDbUrl: eissn: 2336-4335 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0045984 issn: 1210-0552 databaseCode: P5Z dateStart: 20130701 isFulltext: true titleUrlDefault: https://search.proquest.com/hightechjournals providerName: ProQuest – providerCode: PRVPQU databaseName: Computer Science Database customDbUrl: eissn: 2336-4335 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0045984 issn: 1210-0552 databaseCode: K7- dateStart: 20130701 isFulltext: true titleUrlDefault: http://search.proquest.com/compscijour providerName: ProQuest – providerCode: PRVPQU databaseName: East Europe, Central Europe Database (ProQuest) customDbUrl: eissn: 2336-4335 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0045984 issn: 1210-0552 databaseCode: BYOGL dateStart: 20130701 isFulltext: true titleUrlDefault: https://search.proquest.com/eastcentraleurope providerName: ProQuest – providerCode: PRVPQU databaseName: ProQuest Central customDbUrl: eissn: 2336-4335 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0045984 issn: 1210-0552 databaseCode: BENPR dateStart: 20130701 isFulltext: true titleUrlDefault: https://www.proquest.com/central providerName: ProQuest – providerCode: PRVPQU databaseName: Science Database customDbUrl: eissn: 2336-4335 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0045984 issn: 1210-0552 databaseCode: M2P dateStart: 20130701 isFulltext: true titleUrlDefault: https://search.proquest.com/sciencejournals providerName: ProQuest |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV3NT9swFLcG7LDLYF9aB1SetMM4ZM2X6_iyKQO3i0idqumg4hIltiMhTS3Qsr9_fk5SrRcuXBJZcZ4t_ez34We9H0JfCDVORxgFjpLMBCisjJzKJ8psd60iWVWedGtLNkGFiBYLNm0P3NbttcpOJ1pFrVYSzsgHngnVKDHGz_txd-8AaxRkV1sKjT10YDwbD650Tfxpp4lDwizjMNTIclxC_DZNaWymNxDiGi520W8-1DCENGV5C2WEdu3Trnq2Nmd0-NzZHqHXrbeJ42Z5vEEv9PItOuyYHHC7sd-hVYxFdsVTPJrFE36dzS7xPMNxmvKrJJ5zfJHkuQGsKZ2LsxFe5Dk23SY5TkxbpIngOM_OkzjFgs-tgK9ZLs4w0HqMMdzAwDkfz_jYiniPfo_4_PyX01IxOGUwHG6cUjFVBsa19OrA1WWgtNGUqva0dpmkgWKaKL8iytg-RbXxaTQdMlq5dSWlpgEJPqD95WqpPyLs1ySwkZ8eViHVYaRoGJYKxmHUlbqHvjdIFO1uWhcAIOBXAGCufQETQwhidhuk8EkPDToEC9kWOge-jT8FBDwAfmHAt7IKH7LvXg-dbf-4a4p8PNH3pEP8vwlu4e6hz9vPZqNC9qVc6tWj6cOMfoRqOtGnp0Uco1cwXnPOc4L2Nw-P-hS9lH83t-uHPjr4ycV01kd7l9Tp2_VunlNy8w-AAvcQ |
| linkProvider | ProQuest |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1Nb9NAEF1VBQkulE8RWmCRQKIHE3vtzdoHQFbrpFYcu4pDm5uxd9dSpSopTQriT_EbmVnbEbn01gMny_J6_LFv3-x4x_MIec8FTDo837WUDCBACUrfqhhXMNy18mVVOdKujdiESFN_Pg9Od8if7l8YTKvsONEQtVpK_EbedyBUExycn_P16oeFqlG4utpJaDSwGOvfvyBkW32Oj6F_PzA2jGZHJ1arKmCV7mCwtkoVqNKFWZJTu7YuXaVh0Kva0doOpHBVoLliFVdA40pocM9aDAJR2XUlpRZGJQIo_56HlcUwVZCddszv8cAoHGNNLsvmnLXLouCjnX6anmMimfjEsGYiLouWF1i2aNsfbrsD4-OGe__b23lMHrWzaRo28H9CdvTiKdnrlCpoS1zPyDKkaXYWJXQ4DSfReTYd01lGwySJzuJwFtHjOM8BkE1pYJoN6TzPKTSb5DSG_TSJ04jm2VEcJjSNZsbAxyxPDynKlowoZpjQPBpNo5Ex8Zx8u5PHfkF2F8uFfkkoq7lrIls9qDyhPV8JzysVXicQttQ98qXp-aJli1WBgEG8FAgQ22xQacJDM9s7vGC8R_odYgrZFnJHPZHLAgM6BFsBYDO2CobZBU6PHG7OuGqKmNzS9qBD2D83uIFXj7zbHAYiwtWlcqGXN9AmAP7HakH-q9tNvCUPTmaTpICuG--Th3jt5pvWAdldX9_o1-S-_Lm-WF2_MaOLku93Ddi_dZZSkg |
| linkToPdf | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1Lj9MwELZWC0JcWJ6isICRQGIPoXm5jg-Aom1aomaTqim7FZeQ2I60EmqXbRfEX-PXMeMkFb3sbQ-cIivO5OHPMx7PZD5C3jAOiw4_8CwlBTgoogysymUKprtWgawqR9q1IZvgaRosFmK6R_50_8JgWmWnE42iViuJe-R9B1w1zsD4Of26TYuYDkefLn5YyCCFkdaOTqOByET__gXu2_pDPISxfuu6o2h-_NlqGQas0hsMNlaphCo9WDE5tWfr0lMaFICqHa1tIbmnhGbKrZgCla64BlOt-UDwyq4rKTU3jBGg_m9x8DExnXDKvnZWwGfCsB1jfS7LZsxtQ6Rgr51-mp5hUhl_72L9RAyRludYwmjXNu6aBmPvRgf_85e6T-61q2waNtPiAdnTy4fkoGOwoK1Ce0RWIU2z0yiho1l4Ep1lswmdZzRMkug0DucRHcZ5DkBtSgbTbEQXeU6h20lOY2inSZxGNM-O4zChaTQ3At5leXpEkc5kTDHzhObReBaNjYjH5MuNvPYTsr9cLfVTQt2aecbj1YPK59oPFPf9UuF9BLel7pGPDQqKVousCwQPYqdAsNjmgAwUPorZbbDCZT3S79BTyLbAO_KMfC_Q0UPgFQA8I6twMevA6ZGj7RUXTXGTa_oedmj75wG3UOuR19vToKAw6lQu9eoK-giwC1hFKHh2vYhX5A7gtICRmzwnd_HWzVbXIdnfXF7pF-S2_Lk5X1--NBONkm83jde_eQhbfg |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+NOVEL+FRAMEWORK+TO+ALLEVIATE+DISSEMINATION+OF+XSS+WORMS+IN+ONLINE+SOCIAL+NETWORK+%28OSN%29+USING+VIEW+SEGREGATION&rft.jtitle=Neural+Network+World&rft.au=P.+Chaudhary&rft.au=B.B.+Gupta&rft.date=2017-01-01&rft.pub=Institute+of+Information+and+Computer+Technology&rft.issn=1210-0552&rft.volume=27&rft.issue=1&rft.spage=5&rft.epage=25&rft_id=info:doi/10.14311%2FNNW.2017.27.001&rft.externalDocID=12100552_201702_201805240026_201805240026_5_25 |
| thumbnail_m | http://cvtisr.summon.serialssolutions.com/2.0.0/image/custom?url=https%3A%2F%2Fwww.airitilibrary.com%2Fjnltitledo%2F12100552-c.jpg |