XSS vulnerability assessment and prevention in web application
Authors: Ankita Shrivastava, S. Choudhary, Ashish Kumar
Published in: 2016 2nd International Conference on Next Generation Computing Technologies (NGCT), 2016-10-01
DOI: 10.1109/NGCT.2016.7877529 (https://doi.org/10.1109/NGCT.2016.7877529)
Cross-site scripting (XSS) is a type of scripting attack on web pages and accounts for one of the unsafe vulnerabilities that exist in web applications. Once the vulnerability is exploited, an intruder gains the intended access to the authenticated user's web browser and may perform session hijacking, cookie stealing, malicious redirection and malware spreading. To prevent such attacks, it is essential to implement security measures that reliably block third-party intrusion. Recently, the most dangerous attacks have been reflected and DOM-based cross-site scripting attacks, because in both cases the attacker attacks using server-side scripting and performs forgery over the network; such attacks are hard to detect and therefore must be prevented. Website vulnerabilities are exploited over the network through web requests using the GET and POST methods. In this paper, we focus on the injection, detection, and prevention of stored XSS, reflected XSS and DOM-based XSS.