A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques

Now the web applications are highly useful and powerful for usage in most fields such as finance, e-commerce, healthcare and more, so it must be well secured. The web applications may contain vulnerabilities, which are exploited by attackers to steal the user's credential. The Cross Site Script...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:ICICIS : 2017 eighth International Conference on Intelligent Computing and Information Systems : 5-7 December 2017 S. 36 - 42
Hauptverfasser: Mahmoud, Shaimaa Khalifa, Alfonse, Marco, Roushdy, Mohamed Ismail, Salem, Abdel-Badeeh M.
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: IEEE 01.12.2017
Schlagworte:
Browsers
Cross Site Scripting (XSS)
DOM-base attack
injection code
JavaScript code
Malicious JavaScript
Reflected attack
Servers
Stored attack
web application security
Web pages
web security
XSS vulnerability
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Now the web applications are highly useful and powerful for usage in most fields such as finance, e-commerce, healthcare and more, so it must be well secured. The web applications may contain vulnerabilities, which are exploited by attackers to steal the user's credential. The Cross Site Scripting (XSS) attack is a critical vulnerability that affects on the web applications security. XSS attack is an injection of malicious script code into the web application by the attacker in the client-side within user's browser or in the server-side within the database, this malicious script is written in JavaScript code and injected within untrusted input data on the web application. This study discusses the XSS attack, its taxonomy, and its incidence. In addition, the paper presents the XSS mechanisms used to detect and prevent the XSS attacks.
DOI:10.1109/INTELCIS.2017.8260024