Please use this identifier to cite or link to this item:
http://dspace.bits-pilani.ac.in:8080/jspui/handle/123456789/16305| Title: | CSSXC: Context-sensitive Sanitization Framework for Web Applications against XSS Vulnerabilities in Cloud Environments |
| Authors: | Gupta, Shashank |
| Keywords: | Computer Science Cloud Computing Cross-Site Scripting (XSS) attacks JavaScript code injection attacks Cloud security |
| Issue Date: | 2016 |
| Publisher: | Elsevier |
| Abstract: | This paper presents a context-sensitive sanitization based XSS defensive framework for the cloud environment. It discovers all the hidden injection points in HTML5-based web applications deployed on the platforms of cloud and sanitizes the XSS attack payloads injected in such points in a context sensitive manner. The identification of such injection points permits our technique to retrieve each possible web page of application, allowing a wider exploration and accelerating the process of applying the sanitizers on the untrusted variables of web application. The XSS attack mitigation capability of our framework was evaluated on web applications deployed for the cloud users in the cloud environment. The experimental results reveal that this technique detects the XSS attack payloads with minimum rate of false negatives and less runtime overhead. |
| URI: | https://www.sciencedirect.com/science/article/pii/S1877050916305592 http://dspace.bits-pilani.ac.in:8080/jspui/handle/123456789/16305 |
| Appears in Collections: | Department of Computer Science and Information Systems |
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.