Title: Static analysis method for detecting cross site scripting vulnerabilities

Authors: G. Usha; S. Kannimuthu; P.D. Mahendiran; Anusha Kadambari Shanker; Deepti Venugopal

Addresses: Software Engineering Department, SRM University, Kattankulathur, Kanchipuram District 603202, India; Department of CSE, Karpagam College of Engineering, Coimbatore 641032, India; Department of IT, Karpagam College of Engineering, Coimbatore 641032, India; Software Engineering Department, SRM University, Kattankulathur, Kanchipuram District 603202, India; Software Engineering Department, SRM University, Kattankulathur, Kanchipuram District 603202, India

Abstract: These days, the internet has become the favoured platform for users to carry out many activities of their everyday lives, including activities that involve sensitive data, for example, e-trade, e-administration, e-saving money, shopping portals and more. Web applications have become pervasive in all parts of life because of the ease of remote access for their users. Yet, as use of the web grows each day, it has also brought to light the dangerous side of HTML. Security has thus become one of the significant concerns with respect to the internet. In this paper, we concentrate on the particular issue of cross site scripting (XSS) attacks. We present a taxonomy study of cross site scripting attacks. We have also examined the different kinds of vulnerabilities present and the threats posed by this attack. We have also proposed a static analysis-based system for the detection and removal of XSS vulnerabilities.

Keywords: cross site scripting; injection attack; server side scripting; client side scripting; social engineering; DOM; reflected xss; metasploit; AntiXSS; pixy; spectrogram.

DOI: 10.1504/IJICS.2020.108123

International Journal of Information and Computer Security, 2020 Vol.13 No.1, pp.32 - 47

Received: 26 Feb 2018
Accepted: 24 May 2018

Published online: 03 Jul 2020
