{"title":"缓解在线社交网络JavaScript蠕虫在云平台的扩散","authors":"Shashank Gupta, B. B. Gupta","doi":"10.1109/IACS.2016.7476119","DOIUrl":null,"url":null,"abstract":"This paper presents a robust framework deployed in the settings of cloud environment that alleviates the propagation of JS worms from Web applications. The proposed framework automates the process of detecting the hidden injection points from the OSN-based web applications. In addition, it also detects the partial JavaScript injection by the attacker and performs the sanitization on the detected JavaScript attack vectors in a context-aware manner. The prototype of our framework was developed in java and installed in the virtual machines of cloud platforms as a Google Chrome extension. The testing of our framework is performed on the platform of real world OSN-based web applications in cloud platform. The performance analysis and experimental results reveal that our framework detects the partial JS worms with low false negative rate and acceptable false positive rate. We have also optimized the sanitization process in a context-aware manner in contrast to the methods adopted by existing defensive methodologies.","PeriodicalId":6579,"journal":{"name":"2016 7th International Conference on Information and Communication Systems (ICICS)","volume":"27 1","pages":"246-251"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Alleviating the proliferation of JavaScript worms from online social network in cloud platforms\",\"authors\":\"Shashank Gupta, B. B. Gupta\",\"doi\":\"10.1109/IACS.2016.7476119\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents a robust framework deployed in the settings of cloud environment that alleviates the propagation of JS worms from Web applications. The proposed framework automates the process of detecting the hidden injection points from the OSN-based web applications. In addition, it also detects the partial JavaScript injection by the attacker and performs the sanitization on the detected JavaScript attack vectors in a context-aware manner. The prototype of our framework was developed in java and installed in the virtual machines of cloud platforms as a Google Chrome extension. The testing of our framework is performed on the platform of real world OSN-based web applications in cloud platform. The performance analysis and experimental results reveal that our framework detects the partial JS worms with low false negative rate and acceptable false positive rate. We have also optimized the sanitization process in a context-aware manner in contrast to the methods adopted by existing defensive methodologies.\",\"PeriodicalId\":6579,\"journal\":{\"name\":\"2016 7th International Conference on Information and Communication Systems (ICICS)\",\"volume\":\"27 1\",\"pages\":\"246-251\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-04-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 7th International Conference on Information and Communication Systems (ICICS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IACS.2016.7476119\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 7th International Conference on Information and Communication Systems (ICICS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IACS.2016.7476119","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Alleviating the proliferation of JavaScript worms from online social network in cloud platforms
This paper presents a robust framework deployed in the settings of cloud environment that alleviates the propagation of JS worms from Web applications. The proposed framework automates the process of detecting the hidden injection points from the OSN-based web applications. In addition, it also detects the partial JavaScript injection by the attacker and performs the sanitization on the detected JavaScript attack vectors in a context-aware manner. The prototype of our framework was developed in java and installed in the virtual machines of cloud platforms as a Google Chrome extension. The testing of our framework is performed on the platform of real world OSN-based web applications in cloud platform. The performance analysis and experimental results reveal that our framework detects the partial JS worms with low false negative rate and acceptable false positive rate. We have also optimized the sanitization process in a context-aware manner in contrast to the methods adopted by existing defensive methodologies.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
