POND: polishing the execution of nested context-familiar runtime dynamic parsing and sanitisation of XSS worms on online edge servers of fog computing

Abstract

This article presents an enhanced duplex context-wise sanitisation generator and dynamic parser on the hierarchical distributed structure of cloud data centres and edge (fog) servers for obstructing the execution of XSS worms that was recently found on HTML5 and Twitter-based web applications. The online HTTP response generated by such edge servers undergoes through the phase of dynamic runtime parsing. This phase finds out the nested context of variables of script code that cannot be statically determined during the determination of nested context of such variables in a static manner. Finally, sanitised version of templates of HTML5 web pages are generated as an HTTP response and redirected to the network of smart devices. Cloud data centres and edge servers of fog nodes are utilised for integrating the infrastructure settings of our prototype framework that was developed in Java developed framework. Numerous tested open source platforms of OSN were utilised for assessing the performance of runtime nested context determination and sanitisation of suspicious JavaScript strings. Performance evaluation outcomes revealed that the proposed work experienced better response time at online phase and tolerable performance overhead caused due to the runtime nested context-wise parsing and sanitisation of XSS worms.