Affiliation:
1. National Institute of Technology Kurukshtra, India
Abstract
Cross-Site Scripting (XSS) attack is a vulnerability on the client-side browser that is caused by the improper sanitization of the user input embedded in the Web pages. Researchers in the past had proposed various types of defensive strategies, vulnerability scanners, etc., but still XSS flaws remains in the Web applications due to inadequate understanding and implementation of various defensive tools and strategies. Therefore, in this chapter, the authors propose a security model called Browser Dependent XSS Sanitizer (BDS) on the client-side Web browser for eliminating the effect of XSS vulnerability. Various earlier client-side solutions degrade the performance on the Web browser side. But in this chapter, the authors use a three-step approach to bypass the XSS attack without degrading much of the user's Web browsing experience. While auditing the experiments, this approach is capable of preventing the XSS attacks on various modern Web browsers.
Reference21 articles.
1. Acunetix Vulnerability Scanner. (n.d.). Retrieved from http://www.acunetix.com/vulnerability-scanner/
2. Alfaro, G., & Arribasz, G. N. (2007). Prevention of cross-site scripting attacks on current web applications. Springer-Verlag Berlin Heidelberg. Retrieved from link.springer.com/chapter/10.1007/978-3-540-76843-2_45
3. Appscan. (n.d.). Retrieved from http://www-03.ibm.com/software/products/en/appscan
4. Identifying cross site scripting vulnerabilities in Web applications
Cited by
19 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献