An Enhanced Approach for XSS Attack Detection on Web Applications

Authors

  • Shubhangi Ninawe  PG Scholar, Department of Computer Technology, Yashwantrao Chavan College of Engineering, Nagpur, Maharashtra, India
  • Prof. Rakhi Wajgi  Assistant Professor, Department of Computer Technology, Yeshwantrao Chavan College of Engineering, Nagpur, Maharashtra, India

Keywords:

Cross-Site Scripting, Genetic Algorithm, Software Security, Vulnerability Detection

Abstract

Programming security vulnerabilities have prompted numerous effective assaults on applications, particularly web applications, once a day. These assaults, including cross-site scripting, have caused harms for both web site proprietors and clients. Cross-site scripting vulnerabilities are anything but difficult to misuse however hard to alleviate. Numerous arrangements have been proposed for their recognition. In any case, the issue of cross-site scripting vulnerabilities present in web applications still perseveres. In this paper, we propose to investigate a methodology dependent on hereditary calculations that will most likely distinguish cross-site scripting vulnerabilities in the source code before an application is sent. The proposed methodology is, up until this point, just actualized and approved on web applications, in spite of the fact that it tends to be executed in other programming dialects with slight adjustments. Introductory assessments have shown promising outcomes.

References

  1. Punam Thopate,Purva Bamm, Apeksha Kamble, Cross Site Scripting Attack Detection & Prevention System, International Journal of Advanced Research in computer Engineering & Technology (IJARCET) 2014 nov. vol.3
  2. Bakare K. Ayeni, Junaidu B. sahalu, and kolawole R. Adeyanju, Detecting Cross-Site Scripting in Web Application Using Fuzzy Inference System, Journal of computer Network and Communication. Volume 2018, Article ID 815948 from: https://doi.org/10.1155/2018/8159548
  3. Ms. Daljit Kaur, Dr. Perminder Kaur, Cross-Site Scripting Attack and Their Prevention during Development, International Journal of Engineering Development and Research 2017. vol. 5 Issue 3 ISSN: 2321-9939
  4. Kaur G. , Study of Cross-Site Scripting Attack and their countermeasure, International Journal of computer Application Technology and Research, volume 3, Issue 10,2014.ISSN: 2319-8656
  5. Singh, A. and Sthappan, S. ,A Survey on XSS web-attack and Defence Mechanism, International Journal of Advanced Research in Computer Science and Software Engineering (IJARCSSE), volume 4 Issue 3,2014. ISSN :277-128X
  6. S. Shalini, S. Usha, Prevention of Cross-Site Scripting Attacks(XSS) on Web Application In The Client Side, International Journal of Computer Science Issues , Volume 8, Issue 4, No. 1july 2011.
  7. Isatou Hydara*, Abu Bakar Md Sultan, Hazura Zulzalil and Novia Admodisastro, Cross-Site Scripting Detection Based on an Enhanced Genetic Algorithm, Indian Journal of Science and Technology, vol 8(30),DOI: 10.17485/ijst/2015/68130/86055, November 2015.
  8. Avancini A, Ceccato M. Towards security testing with taint analysis and genetic algorithm. Proceedings of the 2010 ICSE Workshops on Software Engineering for secure Systems: Cape Town :ACM; 2010. P. 65-71.
  9. Shar LK, Tan HBK. Automated removal of cross site scripting vulnerabilities in web application. Information and Software Technology.Elsevier B. V;2012 May;54(5)”467-78.Availablefrom: http://linkinghub.elsevier.com/retrieve/pii/s0950584911002503
  10. Shuai B, Li M, Li H, Zhang Q, Tang C. Software vulnerability detection using genetic algorithm and dynamic taint analysis. 3rd International Conference on Consumer Electronics, Communication and Network (CECNet). IEEE;2013 Nov. p. 589-93.Availablefrom: http://ieeexplore.ieee.org/Ipdocs/epic03/wrapper.htm?arnumber=6703400
  11. Shushank Gupta, Lalitsen Sharma, Exploitation of Cross-Site Scripting(XSS) Vulnerability on Real World Web Application and its Defense, International Journal of Computer Application, Volume 60-No.14, December 2012.
  12. Acunetix vulnerability Scanner http://www.acunetix.com/vulnerability_scanner
  13. OpenWeb application Security Project : https://www.owasp.org/index.php/Top_10
  14. Zhushou Tang, Haojin Zhu, Zhenfu Cao, Shuai Zhao, L-WMxD: Lexical based webmail XSS Discover, IEEE Conference on Computer Communication Workshops(INFOCOM WKSHPS),2011,pp.976-981.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2019-04-30

Issue

Volume 6, Issue 2, March-April-2019

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Shubhangi Ninawe, Prof. Rakhi Wajgi, " An Enhanced Approach for XSS Attack Detection on Web Applications, International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011, Volume 6, Issue 2, pp.562-567, March-April-2019.