A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques

Now the web applications are highly useful and powerful for usage in most fields such as finance, e-commerce, healthcare and more, so it must be well secured. The web applications may contain vulnerabilities, which are exploited by attackers to steal the user's credential. The Cross Site Script...

Full description

Saved in:
Bibliographic Details
Published in:ICICIS : 2017 eighth International Conference on Intelligent Computing and Information Systems : 5-7 December 2017 pp. 36 - 42
Main Authors: Mahmoud, Shaimaa Khalifa, Alfonse, Marco, Roushdy, Mohamed Ismail, Salem, Abdel-Badeeh M.
Format: Conference Proceeding
Language:English
Published: IEEE 01.12.2017
Subjects:
Browsers
Cross Site Scripting (XSS)
DOM-base attack
injection code
JavaScript code
Malicious JavaScript
Reflected attack
Servers
Stored attack
web application security
Web pages
web security
XSS vulnerability
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Now the web applications are highly useful and powerful for usage in most fields such as finance, e-commerce, healthcare and more, so it must be well secured. The web applications may contain vulnerabilities, which are exploited by attackers to steal the user's credential. The Cross Site Scripting (XSS) attack is a critical vulnerability that affects on the web applications security. XSS attack is an injection of malicious script code into the web application by the attacker in the client-side within user's browser or in the server-side within the database, this malicious script is written in JavaScript code and injected within untrusted input data on the web application. This study discusses the XSS attack, its taxonomy, and its incidence. In addition, the paper presents the XSS mechanisms used to detect and prevent the XSS attacks.
DOI:10.1109/INTELCIS.2017.8260024