A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques

Now the web applications are highly useful and powerful for usage in most fields such as finance, e-commerce, healthcare and more, so it must be well secured. The web applications may contain vulnerabilities, which are exploited by attackers to steal the user's credential. The Cross Site Script...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:ICICIS : 2017 eighth International Conference on Intelligent Computing and Information Systems : 5-7 December 2017 s. 36 - 42
Hlavní autori: Mahmoud, Shaimaa Khalifa, Alfonse, Marco, Roushdy, Mohamed Ismail, Salem, Abdel-Badeeh M.
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: IEEE 01.12.2017
Predmet:
Browsers
Cross Site Scripting (XSS)
DOM-base attack
injection code
JavaScript code
Malicious JavaScript
Reflected attack
Servers
Stored attack
web application security
Web pages
web security
XSS vulnerability
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Now the web applications are highly useful and powerful for usage in most fields such as finance, e-commerce, healthcare and more, so it must be well secured. The web applications may contain vulnerabilities, which are exploited by attackers to steal the user's credential. The Cross Site Scripting (XSS) attack is a critical vulnerability that affects on the web applications security. XSS attack is an injection of malicious script code into the web application by the attacker in the client-side within user's browser or in the server-side within the database, this malicious script is written in JavaScript code and injected within untrusted input data on the web application. This study discusses the XSS attack, its taxonomy, and its incidence. In addition, the paper presents the XSS mechanisms used to detect and prevent the XSS attacks.
DOI:10.1109/INTELCIS.2017.8260024