Full Paper View Go Back
Cross-site Scripting Attack Avoidance through Dynamic Coding Structure
Farheen Banu. J1 , K. Vijayalakshmi2
1 Dept. of MCA, Ethiraj College for Women (Madras University), Chennai, India .
2 Dept. of MCA, Ethiraj College for Women (Madras University), Chennai, India .
Correspondence should be addressed to: ikramfarheen@gmail.com.
Section:Research Paper, Product Type: Journal
Vol.5 ,
Issue.4 , pp.15-19, Aug-2017
Online published on Aug 30, 2017
Copyright © Farheen Banu. J, K. Vijayalakshmi . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: Farheen Banu. J, K. Vijayalakshmi, “Cross-site Scripting Attack Avoidance through Dynamic Coding Structure,” International Journal of Scientific Research in Network Security and Communication, Vol.5, Issue.4, pp.15-19, 2017.
MLA Style Citation: Farheen Banu. J, K. Vijayalakshmi "Cross-site Scripting Attack Avoidance through Dynamic Coding Structure." International Journal of Scientific Research in Network Security and Communication 5.4 (2017): 15-19.
APA Style Citation: Farheen Banu. J, K. Vijayalakshmi, (2017). Cross-site Scripting Attack Avoidance through Dynamic Coding Structure. International Journal of Scientific Research in Network Security and Communication, 5(4), 15-19.
BibTex Style Citation:
@article{J_2017,
author = {Farheen Banu. J, K. Vijayalakshmi},
title = {Cross-site Scripting Attack Avoidance through Dynamic Coding Structure},
journal = {International Journal of Scientific Research in Network Security and Communication},
issue_date = {8 2017},
volume = {5},
Issue = {4},
month = {8},
year = {2017},
issn = {2347-2693},
pages = {15-19},
url = {https://www.isroset.org/journal/IJSRNSC/full_paper_view.php?paper_id=297},
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
UR - https://www.isroset.org/journal/IJSRNSC/full_paper_view.php?paper_id=297
TI - Cross-site Scripting Attack Avoidance through Dynamic Coding Structure
T2 - International Journal of Scientific Research in Network Security and Communication
AU - Farheen Banu. J, K. Vijayalakshmi
PY - 2017
DA - 2017/08/30
PB - IJCSE, Indore, INDIA
SP - 15-19
IS - 4
VL - 5
SN - 2347-2693
ER -
Abstract :
Due to the high prevalence of Cross-Site Scripting (XSS) attacks, most leading browsers now comprise or support filters to defend against XSS attacks. This paper presents an enhanced XSS fortifier for the vulnerable web sites. Unlike other proposed methodology this paper contains a script extractor which on execution retains the malicious scripts injected in the various Web pages of a vulnerable web site. It also provides the threat level which indicates the seriousness of the web site affected. The results of the script extractor indicate the loopholes of the web page which after every session of attack is being manually overcome by the web developer to make the website vulnerable free.
Key-Words / Index Term :
Cross-Site Scripting, Enhanced XSS Fortifier, Script Extractor, Threat Level, Vulnerable Free
References :
[1]. M. K. Gupta, M.C. Govil, G. Singh, “Predicting Cross-Site Scripting (XSS) Security Vulnerabilities in Web Applications”, international joint conference on computer science and software engineering, IEEE conference publication, pp.162-167, 2015.
[2]. D. Guaman, F. Guaman, D. Jaramillo, Manuel Sucunuta. “Implementation of techniques and OWASP security recommendations to avoid SQL and XSS attacks using J2EE and WS-Security”, 12th Iberian conference on information system and technologies, IEEE conference publication, pp.1-7, 2017.
[3]. A. Shrivastava, V.K Varma, V.G. Shankar “X-trap Trapping client and server side XSS vulnerability”, International conference on parallel, distributed and grid computing, IEEE conference publication, India, pp.394-398, 2016.
[4]. T.K. Nguyen, S.O. Hwang, “Large-Scale Detection of DOM-based XSS based on Publisher and Subscriber Model” International Conference on Computational Science and Computational Intelligence, IEEE conference publication, Korea, pp.975-980, 2016.
[5]. A. Shrivastava, S. Choudhary, A. Kumar “XSS Vulnerability Assessment and Prevention in Web Application”, 2nd International Conference on Next Generation Computing Technologies, IEEE conference publication, India, pp.850-853, 2016.
[6]. P.A. Sonewar, S.D. Thosar, “Detection of SQL Injection and XSS Attacks in Three Tier Web Applications”, International Conference on computing communication control, IEEE conference publication, Pune, pp.1-4, 2016.
[7]. M. Mohammadi, B. Chu, H.R. Lipford, “Automatic Web Security Unit Testing: XSS Vulnerability Detection”, 11th IEEE/ACM International Workshop in Automation of Software Test, IEEE conference publication, USA, pp.78-84, 2016.
[8]. P. Choudhary, B.B Gupta, S. Yamaguchi, “XSS detection with automatic view isolation on online social network”, IEEE 5th Global Conference on Consumer Electronics, IEEE conference publication, India, pp.1-5, 2016.
[9]. M. Amjad, “Security Enhancement of IPV6 Using Advance Encryption Standard and Diffie Hellman” International Journal of Science Research in Network Security and Communication, Vol.5, Issue-3, pp.182-187, 2017.
[10]. H. Bhasin, N. Kathuria, “Cryptography Automata Based Key Generation”, International Journal of Scientific Research in Network Security and Communication, Vol.1, Issue.2, pp.15-17, 2013.
[11]. Gelogo, Y. E. Caytiles, R. D. Park, B. “Threats and Security Analysis for Enhanced Secure Neighbor Discovery Protocol (SEND) of IPv6 NDP Security”, International Journal of Control and Automation, Vol. 4, Issue-4. pp179-184, 2011.
[12]. M. Amjad, “Wireless Network Security: Susceptibility, Extortion and Kiosk” International Journal of Computer Sciences and Engineering, Vol-1, Issue-3, pp.10-14, 2013.
[13]. F.T. Zohra, S. Azam, Md.M. Rahman, "Overview of IPv6 Mobility Management Protocols and their Handover Performances", International Journal of Computer Sciences and Engineering, Vol.2, Issue.3, pp.125-133, 2014.
[14]. A. Kiezun, P.J. Juo, “Automatic Creation of SQL Injection and Cross-Site Scripting Attacks”, International conference on Software Engineering, IEEE Computer Society, USA, pp 199-209, 2009.
[15]. J. Bau, E. Bursztein, D. Gupta, J. Mitchell, “State of the Art: Automated Black-Box Web Application Vulnerability Testing”, IEEE Symposium on Security and Privacy IEEE conference publication, USA, pp.332-345, 2010.
[16]. J.M. Chen, Chia-Lun Wu, “An automated vulnerability scanner for injection attack based on injection point”, International Computer Symposium Privacy - IEEE conference publication, Taiwan, pp 113-118, 2010.
[17]. M.E Ruse, S. Basu, “Detecting Cross-Site Scripting Vulnerability Using Concolic Testing”, Information Technology: New Generations, Tenth International Conference IEEE, USA, pp 633-638, 2013.
[18]. S. Sugandh, B. M. Mehtre, “A Reliable Strategy for Proactive Self-Defense in Cyberspace using VAPT Tools and Techniques”, Computational Intelligence and Computing Research IEEE International Conference, India, pp.1-6, 2013.
You do not have rights to view the full text article.
Please contact administration for subscription to Journal or individual article.
Mail us at ijsrnsc@gmail.com or view contact page for more details.