Detection of DOM-Based XSS Attack on Web Application

Ninawe, Shubhangi; Wajgi, Rakhi

doi:10.1007/978-3-030-28364-3_65

Cited by 6 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Due to the maturity of network technology, the threshold of web application attack technology is getting lower and lower. Hackers gradually transfer the attack object from the network server to the web application [11][12][13][14]. According to Gartner's survey data, 75% of information security attacks occur on Web applications, not on the network level.…”

Section: Introductionmentioning

confidence: 99%

Design of Web Security Penetration Test System Based on Attack and Defense Game

Song¹,

Sun²,

Qin³

2022

Scientific Programming

View full text Add to dashboard Cite

Some sensitive data in the network will be leaked due to the loopholes or weaknesses of the web system itself, which will bring potential harm to the society or the public. Aiming at this, this study carries out the design of web security penetration test system. A test scheme comparing single method with an automatic comprehensive test method is designed. Based on this scheme, an automatic penetration test system script used under the terminal operation page is tested and designed. A security evaluation algorithm based on the prediction results of the game between attack and defense is proposed. Through this algorithm, different website systems are evaluated and scored, and the test results are compared through scoring. The automatic penetration test integration system designed and implemented in this study can meet the main objectives of web security and the protection requirements of websites against general, routine, and universal security attacks. The proposed evaluation algorithm is more detailed, accurate, and reference in scoring.

show abstract

Section: Introductionmentioning

confidence: 99%

Design of Web Security Penetration Test System Based on Attack and Defense Game

Song¹,

Sun²,

Qin³

2022

Scientific Programming

View full text Add to dashboard Cite

show abstract

“…We literally depend on these applications to accomplish tasks, and they are integral to our day-to-day activities. We communicate with online applications in a dynamic manner [1] when we interact with our email, conduct banking transactions, visit social networking sites, etc. Web applications have a dynamic nature because they can determine how a website reacts to a user's input.…”

Section: Introductionmentioning

confidence: 99%

Cross-site Scripting Attack Detection Using Machine Learning with Hybrid Features

2021

View full text Add to dashboard Cite

This study aims to measure the classification accuracy of XSS attacks by using a combination of two methods of determining feature characteristics, namely using linguistic computation and feature selection. XSS attacks have a certain pattern in their character arrangement, this can be studied by learners using n-gram modeling, but in certain cases XSS characteristics can contain a certain meta and synthetic this can be learned using feature selection modeling. From the results of this research, hybrid feature modeling gives good accuracy with an accuracy value of 99.87%, it is better than previous studies which the average is still below 99%, this study also tries to analyze the false positive rate considering that the false positive rate in attack detection is very influential for the convenience of the information security team, with the modeling proposed, the false positive rate is very small, namely 0.039%

show abstract

Personal data filtering: a systematic literature review comparing the effectiveness of XSS attacks in web applications vs cookie stealing

Rodríguez-Galán,

Torres

2024

Ann. Telecommun.

View full text Add to dashboard Cite

Detection of DOM-Based XSS Attack on Web Application

Cited by 6 publications

References 6 publications

Design of Web Security Penetration Test System Based on Attack and Defense Game

Design of Web Security Penetration Test System Based on Attack and Defense Game

Cross-site Scripting Attack Detection Using Machine Learning with Hybrid Features

Personal data filtering: a systematic literature review comparing the effectiveness of XSS attacks in web applications vs cookie stealing

Contact Info

Product

Resources

About