DocumentCode :
485415
Title :
MBDS: Model-based detection system for Cross Site Scripting
Author :
Qi Zhenyu ; Xu Jing ; Li Baoguo ; Tan Fang
Author_Institution :
Inst. of Machine Intell., Nankai Univ., Tianjin
fYear :
2007
fDate :
12-14 Dec. 2007
Firstpage :
849
Lastpage :
852
Abstract :
Cross site scripting (XSS) is a vulnerability that is essentially caused by the failure of checking up on user input before returning it to the client´s web browsers. Using proxy servers as application-level firewalls to filter out the malicious code on the server side is a common mechanism in most of the server side proposals. But it is a passive way to detect XSS and will reduce the performance of server dramatically. This paper proposes a client-side system that automatically detects XSS vulnerability by manipulating either of two modes. Through the modified model the system has concluded that the input invalidation is the most important one in eight main reasons which causes XXS. The system also shares the vulnerability information via a central database.
Keywords :
Internet; authoring languages; authorisation; online front-ends; MBDS; Web browsers; application-level firewalls; client-side system; cross site scripting; malicious code; model-based detection system; proxy servers; XSS; client-side; detection mode;
fLanguage :
English
Publisher :
iet
Conference_Titel :
Wireless, Mobile and Sensor Networks, 2007. (CCWMSN07). IET Conference on
Conference_Location :
Shanghai
ISSN :
0537-9989
Print_ISBN :
978-0-86341-836-5
Type :
conf
Filename :
4786336
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=485415
بازگشت