Enhanced XSS Defensive Framework for Web Applications Deployed in the Virtual Machines of Cloud Computing Environment

Simple item page
dc.contributor.authorGupta, Shashank
dc.date.accessioned2024-11-05T12:01:49Z
dc.date.available2024-11-05T12:01:49Z
dc.date.issued2016
dc.description.abstractTo thwart the virtual machines from being a victim of XSS attacks on the cloud computing environment, this paper presents an enhanced XSS defensive methodology for the cloud platforms. This framework initially scans the HTTP requests for the embedded URI links that points towards the links of external JS files and which may contain malicious XSS payload. Our design also explores the HTTP response for extracting the script content and compares this content with the script content retrieved from the URI links. Any resemblance observed in both these extracted set of scripts would be considered as malicious XSS worm. The testing and evaluation of our framework was done on tested bed of real world web applications by injecting the XSS attack payloads on their vulnerable injection points. Evaluation results revealed that our framework detects the XSS attack vectors with fewer rates of false negatives and false positivesen_US
dc.identifier.urihttps://www.sciencedirect.com/science/article/pii/S2212017316302419
dc.identifier.urihttp://dspace.bits-pilani.ac.in:8080/jspui/handle/123456789/16303
dc.language.isoenen_US
dc.publisherElsevieren_US
dc.subjectComputer Scienceen_US
dc.subjectCloud Computingen_US
dc.subjectCloud securityen_US
dc.subjectVirtual Machinesen_US
dc.subjectCross-site scripting (XSS) wormsen_US
dc.subjectURI Linksen_US
dc.titleEnhanced XSS Defensive Framework for Web Applications Deployed in the Virtual Machines of Cloud Computing Environmenten_US
dc.typeArticleen_US

Files

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Department of Computer Science and Information Systems