Alleviating the proliferation of JavaScript worms from online social network in cloud platforms

Abstract

This paper presents a robust framework deployed in the settings of cloud environment that alleviates the propagation of JS worms from Web applications. The proposed framework automates the process of detecting the hidden injection points from the OSN-based web applications. In addition, it also detects the partial JavaScript injection by the attacker and performs the sanitization on the detected JavaScript attack vectors in a context-aware manner. The prototype of our framework was developed in java and installed in the virtual machines of cloud platforms as a Google Chrome extension. The testing of our framework is performed on the platform of real world OSN-based web applications in cloud platform. The performance analysis and experimental results reveal that our framework detects the partial JS worms with low false negative rate and acceptable false positive rate. We have also optimized the sanitization process in a context-aware manner in contrast to the methods adopted by existing defensive methodologies.