SEC-H5: Secure and efficient integration of settings of enhanced HTML5 XSS vector defensive framework on edge network of fog nodes

Abstract

The authors introduce an enhanced HTML5 (H5) Cross-Site Scripting (H5-XSS) attack vector defensive model that safeguards and maintains the confidentiality of users accessing the web applications hosted on the fog nodes. Initially, the model performs in self-training manner and estimates some features of H5 script code at the simulated desktop host systems of cloud infrastructure. Second, a process of H5 feature estimation gets re-executed for the online generated HTTP response on the edge network of fog device. Any oddity in these two features sets results in the consequent nested context-familiar sanitization of the distrustful script code on an installed fog nodes. The author design their framework structure on an open application infrastructural structure of Cisco IOx framework of various networked edge devices as fog nodes. The authors configure the tested bed of H5 web platforms on the nodes of the fog computing network for evaluating the malicious script alleviation capability of their model. Evaluation outcomes expose that the author's technique is skilled sufficient for sensing and excluding the suspicious H5 code with sufferable percentage of False Negatives (FNs), False Positives (FPs), and reduced overall performance overhead during the peak congestion of generation of sanitized HTTP response on the fog nodes.