XSS Attack and Countermeasure: Survey

The Research Perspective: XSS Attack and Prevention of XSS Vulnerability in Web Application

Cross-Site Scripting is one of the major’s attacks described by OWASP. The Cross Site Scripting attack is possible by inserting or changing the programming logic, changing and syntax of HTML elements by code injection attacks. The Web application is XSS Vulnerable when there is no proper input validation. The many web applications like social networking sites are the victims of this attack. Thi...

Cross Site Scripting (XSS) Attack Prevention with Dynamic Data Tainting

Structural Learning of Attack Vectors for Generating Mutated XSS Attacks

Web applications suffer from cross-site scripting (XSS) attacks that resulting from incomplete or incorrect input sanitization. Learning the structure of attack vectors could enrich the variety of manifestations in generated XSS attacks. In this study, we focus on generating more threatening XSS attacks for the state-of-the-art detection approaches that can find potential XSS vulnerabilities in...

An Unsupervised Method for Detection of XSS Attack

Cross-site scripting (XSS) is a code injection attack that allows an attacker to execute malicious script in another user’s browser. Once the attacker gains control over the Website vulnerable to XSS attack, it can perform actions like cookie-stealing, malware-spreading, session-hijacking and malicious redirection. Malicious JavaScripts are the most conventional ways of performing XSS attacks. ...

Information Theoretic XSS Attack Detection in Web Applications

Cross-Site Scripting (XSS) has been ranked among the top three vulnerabilities over the last few years. XSS vulnerability allows an attacker to inject arbitrary JavaScript code that can be executed in the victim’s browser to cause unwanted behaviors and security breaches. Despite the presence of many mitigation approaches, the discovery of XSS is still widespread among today’s web applications....