Cross Site Scripting: Detection Approaches in Web Application

被引:0
作者
Marashdih, Abdalla Wasef [1 ]
Zaaba, Zarul Fitri [1 ]
机构
[1] Univ Sains Malaysia, Sch Comp Sci, Minden 11800, Pulau Pinang, Malaysia
来源
INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS | 2016年 / 7卷 / 10期
关键词
Web Application Security; Security; Software Security; Security Vulnerability; Cross Site Scripting; XSS; Genetic Algorithm; GA;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Web applications have become one of the standard platforms for service releases and representing information and data over the World Wide Web. Thus, security vulnerabilities headed to various type of attacks in web applications. Amongst those is Cross Site Scripting also known as XSS. XSS can be considered as one of the most popular type of threat in web security application. XSS occurs by injecting the malicious scripts into web application, and it can lead to significant violations at the site or for the user. This paper highlights the issues (i.e. security and vulnerability) in web application specifically in regards to XSS. In addition, the future direction of research within this domain is highlighted.
引用
收藏
页码:155 / 160
页数:6
相关论文
共 25 条
  • [11] Hydara I., 2014, 9 INT C SOFTW ENG AD, P227
  • [12] Kumar R., 2011, INFORM COMMUNICATION, V60, P651
  • [13] Software Vulnerability Discovery Techniques: A Survey
    Liu, Bingchang
    Shi, Liang
    Cai, Zhuhua
    Li, Min
    [J]. 2012 FOURTH INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY (MINES 2012), 2012, : 152 - 156
  • [14] On Security Issues in Web Applications through Cross Site Scripting (XSS)
    Malviya, Vikas K.
    Saurav, Saket
    Gupta, Atul
    [J]. 2013 20TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE (APSEC 2013), VOL 1, 2013, : 583 - 588
  • [15] Mishra A., 2014, INT J SCI TECHNOL RE, V3, P331
  • [16] Rafiqi Sohail, 2015, SOFTWARE ENG ARTIFIC, P1
  • [17] Sadana VIII. S. J., 2011, P INT J ENG RES APPL, V1, P1764
  • [18] Shanmugasundaram G, 2015, INT CONF COMPUT POW, P436, DOI 10.1109/ICCPEIC.2015.7259498
  • [19] Shar LK, 2013, PROCEEDINGS OF THE 35TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2013), P642, DOI 10.1109/ICSE.2013.6606610
  • [20] Automated removal of cross site scripting vulnerabilities in web applications
    Shar, Lwin Khin
    Tan, Flee Beng Kuan
    [J]. INFORMATION AND SOFTWARE TECHNOLOGY, 2012, 54 (05) : 467 - 478
123