RAJIVE: restricting the abuse of JavaScript injection vulnerabilities on cloud data centre by sensing the violation in expected workflow of web applications Online publication date: Wed, 28-Mar-2018
by Shashank Gupta; B.B. Gupta
International Journal of Innovative Computing and Applications (IJICA), Vol. 9, No. 1, 2018
Abstract: This article introduces a novel defensive framework that detects and obstructs the exploitation of malicious JavaScript (JS) injection by spotting the violation in the expected workflow of web applications deployed on the cloud data centres. The framework initially generates some categories of axioms by examining the strings of HTTP request and response. Likewise, it detects the deviation in the intended workflow of web application by examining the violation in such generated axioms. The prototype of our work was developed in Java development framework and installed on the virtual machines of cloud data centres located at the core of network. Susceptible web applications were utilised for evaluating the workflow violation detection capability in order to obstruct the execution of XSS worms on the cloud data centres. Evaluation result revealed that framework detects the injection of XSS worms with high precision rate and lesser rate of false positives and false negatives.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Innovative Computing and Applications (IJICA):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com