The authors introduce an enhanced HTML5 (H5) Cross-Site Scripting (H5-XSS) attack vector defensive model that safeguards and maintains the confidentiality of users accessing the web applications hosted on the fog nodes. Initially, the model performs in self-training manner and estimates some features of H5 script code at the simulated desktop host systems of cloud infrastructure. Second, a process of H5 feature estimation gets re-executed for the online generated HTTP response on the edge network of fog device. Any oddity in these two features sets results in the consequent nested context-familiar sanitization of the distrustful script code on an installed fog nodes. The author design their framework structure on an open application infrastructural structure of Cisco IOx framework of various networked edge devices as fog nodes. The authors configure the tested bed of H5 web platforms on the nodes of the fog computing network for evaluating the malicious script alleviation capability of their model. Evaluation outcomes expose that the author's technique is skilled sufficient for sensing and excluding the suspicious H5 code with sufferable percentage of False Negatives (FNs), False Positives (FPs), and reduced overall performance overhead during the peak congestion of generation of sanitized HTTP response on the fog nodes.
KEYWORDSCloud Data Centers (CDC), code injection attacks, context aware sanitization, edge network, HTML5 XSS attack vectors, online social network (OSN) security
INTRODUCTIONThe evolution of cloud computing exempted the industries and their consumers from handling the description of countless specifics, like loading resources and computation constraints. 1 It is clearly highlighted in the work of Ponemon 2 that almost 91% of administrations in Europe and UnitedStates approved that drop in the cost is the main motivation for them to move to the platforms of cloud infrastructure. Slight investment, price deduction, and prompt implementation are some of the key aspects that motivate the enterprises to facilitate the services of cloud infrastructure and permit them for putting the emphasis on essential industry worries and main concern, instead of dealing with nominal concerns. Although, such advantages turn out to be problematic for applications, which are latency-sensitive and that need nodes in the area to avail their suspension requests. Smart phones are getting larger utilized in the day-to-day routine lifecycle of the people. Existing cloud computing prototypes cannot satisfy their necessities of motion provision, position alertness, and low latency. 3 In addition, the virtual machines of cloud platforms cannot support end points with rich facilities, comprising the applications with small latency necessities. The reason behind such non-optimal performance is that the data processing is completed at the central of the network of the cloud platforms, which has least connection with ground level.Recently, a new term is coined up, ie, Fog Computing, that extends boundary of cloud platform to an e...