DocumentCode
2859162
Title
S2XS2: A Server Side Approach to Automatically Detect XSS Attacks
Author
Shahriar, Hossain ; Zulkernine, Mohammad
Author_Institution
Sch. of Comput., Queen's Univ., Kingston, ON, Canada
fYear
2011
fDate
12-14 Dec. 2011
Firstpage
7
Lastpage
14
Abstract
Cross site scripting (XSS) vulnerabilities are widespread in web-based programs. Server side detection of suspected contents can mitigate XSS exploitations early. Unfortunately, existing server side approaches impose modification of server and client side environments. In this paper, we develop an automated framework to detect XSS attacks at the server side based on the notion of boundary injection and policy generation. Boundaries mark content generation locations in server script code. We derive expected benign features of dynamic contents that are matched during response page generation to detect attacks. We develop a prototype tool to automatically insert boundaries and generate policies for JSP programs. We evaluate the approach with four JSP programs. The results indicate that the approach detects most of the well known XSS attacks. Moreover, the false positive rates vary between zero and 5.2%. The approach incurs negligible runtime overhead.
Keywords
Internet; security of data; Web-based programs; XSS attacks; XSS exploitations; boundary injection; content generation; cross site scripting vulnerabilities; policy generation; response page generation; server script code; server side approach; server side detection; Browsers; Context; Feature extraction; HTML; Instruments; Runtime; Servers; XSS; boundary injection; policy generation;
fLanguage
English
Publisher
ieee
Conference_Titel
Dependable, Autonomic and Secure Computing (DASC), 2011 IEEE Ninth International Conference on
Conference_Location
Sydney, NSW
Print_ISBN
978-1-4673-0006-3
Type
conf
DOI
10.1109/DASC.2011.26
Filename
6118345