Relevant bibliographies by topics / XSS attacks / Journal articles
To see the other types of publications on this topic, follow the link: XSS attacks.

Journal articles on the topic 'XSS attacks'

Author: Grafiati
Published: 4 June 2025
Last updated: 1 August 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'XSS attacks.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Khamdamov, Rustam, and Komil Kerimov. "MATHEMATICAL ALGORITHM FOR DETECTING XSS ATTACKS ON WEB APPLICATIONS." Journal of Automation and Information sciences 3 (May 1, 2021): 73–77. http://dx.doi.org/10.34229/1028-0979-2021-3-6.

Full text
Abstract:
Recently, attacks on web applications, such as SQL injection and cross-site scripting (XSS), have tended to increase. In this article, we proposed a new algorithm for detecting XSS attacks on a web application based on the analysis of the frequency of occurrence of special characters. The paper proposes mathematical modeling and a method for identifying XSS attacks using a function bounded below that depends on the input string. To build this function, special characters and keywords were used, which are often found in the construction of XSS attacks. Mathematical modeling and identification o
APA, Harvard, Vancouver, ISO, and other styles
2

Revyakina, Yelena, Larissa Cherckesova, Olga Safaryan, Denis Korochentsev, Nikolay Boldyrikhin, and Yuri Ivanov. "Possibilities of conducting XSS-attacks and the development of countermeasures." E3S Web of Conferences 224 (2020): 01040. http://dx.doi.org/10.1051/e3sconf/202022401040.

Full text
Abstract:
The article describes the investigation process of the possibilities of XSS–attacks, and the development of counteraction means to these attacks. Researches were determined whether XSS–attack can be fulfilled successfully, and vulnerability detection methods can be applied; were developed the logical and structural diagrams of XSS–vulnerability detection program; were realized program implementation (software) of algorithms for detecting XSS–vulnerabilities on the Web – sites. The software implementation is Web extension for the Google Chrome browser. Main purpose of implementing this software
APA, Harvard, Vancouver, ISO, and other styles
3

Hartono and Sriyanto. "XSS Attack Detection and Mitigation Using Multi-Layer Security Mechanism (MLSM)." Sienna 3, no. 2 (2022): 1–14. http://dx.doi.org/10.47637/sienna.v3i2.669.

Full text
Abstract:
BSSN stated that there were 12.9 million cyber threats in Indonesia during 2018. In January - April 2020, the number of cyber-attacks increased. In those four months, the number of cyberattacks reached 88 million. The methods, applications, and attack techniques used cannot be identified easily. However, according to data from the OWASP Top Ten in 2017 and 2021 (statistics-based proposal), there are 10 website security vulnerabilities that are most often exploited. XSS is one of the security holes included in the list. In addition to being a loophole that is often found, the impact of XSS is v
APA, Harvard, Vancouver, ISO, and other styles
4

Nagarjun, PMD, and Shaik Shakeel Ahamad. "ImageSubXSS: an image substitute technique to prevent Cross-Site Scripting attacks." International Journal of Electrical and Computer Engineering (IJECE) 9, no. 2 (2019): 1393–98. https://doi.org/10.11591/ijece.v9i2.pp1393-1398.

Full text
Abstract:
Cross-Site Scripting (XSS) is one of serious web application attack. Web applications are involved in every activity of human life. JavaScript plays a major role in these web applications. In XSS attacks hacker inject malicious JavaScript into a trusted web application, execution of that malicious script may steal sensitive information from the user. Previous solutions to prevent XSS attacks require a lot of effort to integrate into existing web applications, some solutions works at client-side and some solutions works based on filter list which needs to be updated regularly. In this paper, we
APA, Harvard, Vancouver, ISO, and other styles
5

Nagarjun, PMD, and Shaik Shakeel Ahamad. "ImageSubXSS: an image substitute technique to prevent Cross-Site Scripting attacks." International Journal of Electrical and Computer Engineering (IJECE) 9, no. 2 (2019): 1393. http://dx.doi.org/10.11591/ijece.v9i2.pp1393-1398.

Full text
Abstract:
<span lang="EN-US">Cross-Site Scripting (XSS) is one of serious web application attack. Web applications are involved in every activity of human life. JavaScript plays a major role in these web applications. In XSS attacks hacker inject malicious JavaScript into a trusted web application, execution of that malicious script may steal sensitive information from the user. Previous solutions to prevent XSS attacks require a lot of effort to integrate into existing web applications, some solutions works at client-side and some solutions works based on filter list which needs to be updated reg
APA, Harvard, Vancouver, ISO, and other styles
6

Gupta, Neha. "XSS Defense: An Approach for Detecting and Preventing Cross Site Scripting Attacks." COMPUSOFT: An International Journal of Advanced Computer Technology 04, no. 03 (2015): 1564–71. https://doi.org/10.5281/zenodo.14770771.

Full text
Abstract:
Web Applications provide wide range of services to its users in an easy and efficient manner. From the past few years web based attacks are increasing. Cross Site Scripting (XSS) is one of the major attacks found in web applications. In 2013, OWASP (Open Web Application Security Project) has ranked XSS third in the list of top 10 attacks found in web applications [11]. XSS attacks occur when an application takes insecure data and sends it to the browser without proper validation or escaping. This can result in hijacking of user sessions, defacing websites and redirecting the users to malicious
APA, Harvard, Vancouver, ISO, and other styles
7

Aliga, Aliga Paul, Adetokunbo MacGregor John-Otumu, Rebecca E. Imhanhahimi, and Atuegbelo Confidence Akpe. "Cross Site Scripting Attacks in Web-Based Applications." Journal of Advances in Science and Engineering 1, no. 2 (2018): 25–35. http://dx.doi.org/10.37121/jase.v1i2.19.

Full text
Abstract:
Web-based applications has turn out to be very prevalent due to the ubiquity of web browsers to deliver service oriented application on-demand to diverse client over the Internet and cross site scripting (XSS) attack is a foremost security risk that has continuously ravage the web applications over the years. This paper critically examines the concept of XSS and some recent approaches for detecting and preventing XSS attacks in terms of architectural framework, algorithm used, solution location, and so on. The techniques were analysed and results showed that most of the available recognition a
APA, Harvard, Vancouver, ISO, and other styles
8

Khazal, Iman, and Mohammed Hussain. "Server Side Method to Detect and Prevent Stored XSS Attack." Iraqi Journal for Electrical and Electronic Engineering 17, no. 2 (2021): 58–65. http://dx.doi.org/10.37917/ijeee.17.2.8.

Full text
Abstract:
Cross-Site Scripting (XSS) is one of the most common and dangerous attacks. The user is the target of an XSS attack, but the attacker gains access to the user by exploiting an XSS vulnerability in a web application as Bridge. There are three types of XSS attacks: Reflected, Stored, and Dom-based. This paper focuses on the Stored-XSS attack, which is the most dangerous of the three. In Stored-XSS, the attacker injects a malicious script into the web application and saves it in the website repository. The proposed method in this paper has been suggested to detect and prevent the Stored-XSS. The
APA, Harvard, Vancouver, ISO, and other styles
9

Mokbal, Fawaz Mahiuob Mohammed, Dan Wang, Xiaoxi Wang, and Lihua Fu. "Data augmentation-based conditional Wasserstein generative adversarial network-gradient penalty for XSS attack detection system." PeerJ Computer Science 6 (December 14, 2020): e328. http://dx.doi.org/10.7717/peerj-cs.328.

Full text
Abstract:
The rapid growth of the worldwide web and accompanied opportunities of web applications in various aspects of life have attracted the attention of organizations, governments, and individuals. Consequently, web applications have increasingly become the target of cyberattacks. Notably, cross-site scripting (XSS) attacks on web applications are increasing and have become the critical focus of information security experts’ reports. Machine learning (ML) technique has significantly advanced and shown impressive results in the area of cybersecurity. However, XSS training datasets are often limited a
APA, Harvard, Vancouver, ISO, and other styles
10

Zhou, Yuan, Enze Wang, Wantong Yang, et al. "XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding." Applied Sciences 15, no. 6 (2025): 3348. https://doi.org/10.3390/app15063348.

Full text
Abstract:
Cross-site scripting attacks represent one of the major security threats facing web applications, with Stored XSS attacks becoming the predominant form. Compared to reflected XSS, stored XSS attack payloads exhibit temporal and spatial asynchrony between injection and execution, rendering traditional browserside defenses based on request–response differential analysis ineffective. This paper presents XSShield, the first detection framework that leverages a Large Language Model to understand JavaScript semantics to defend against Stored XSS attacks. Through a Prompt Optimizer based on gradient
APA, Harvard, Vancouver, ISO, and other styles
11

Kerimov, Komil Fikratovich, and Zarina Ildarovna Azizova. "Development of Mathematical Algorithm for Detecting XSS Attacks on Web Applications." WSEAS TRANSACTIONS ON INFORMATION SCIENCE AND APPLICATIONS 21 (November 5, 2024): 509–13. http://dx.doi.org/10.37394/23209.2024.21.46.

Full text
Abstract:
The widespread usage of web applications has led to an increase in security threats, with Cross-Site Scripting (XSS) attacks being one of the most prevalent and damaging. Detecting and mitigating XSS attacks is crucial to ensure the integrity and confidentiality of sensitive user data. This article presents the mathematical algorithm and a way to identify XSS attacks using a bounded function from below, which depends on the input string, and highlights its potential impact in bolstering web application security. To construct this function, we used special characters and keywords that are frequ
APA, Harvard, Vancouver, ISO, and other styles
12

Wibowo, Ripto Mukti, and Aruji Sulaksono. "Web Vulnerability Through Cross Site Scripting (XSS) Detection with OWASP Security Shepherd." Indonesian Journal of Information Systems 3, no. 2 (2021): 149. http://dx.doi.org/10.24002/ijis.v3i2.4192.

Full text
Abstract:
Web applications are needed as a solution to the use of internet technology that can be accessed globally, capable of displaying information that is rich in content, cost effective, easy to use and can also be accessed by anyone, anytime and anywhere. In the second quarter of 2020, Wearesocial released information related to internet users in the world around 4.54 billion with 59% penetration. People become very dependent on the internet and also technology. This condition was also triggered due to the Covid-19 pandemic.One thing that becomes an issue on website application security is interne
APA, Harvard, Vancouver, ISO, and other styles
13

Hu, Ze, Jianwei Zhang, and Hongyu Yang. "XSS Attack Detection Based on Multisource Semantic Feature Fusion." Electronics 14, no. 6 (2025): 1174. https://doi.org/10.3390/electronics14061174.

Full text
Abstract:
Cross-site scripting (XSS) attacks can be implemented through various attack vectors, and the diversity of these vectors significantly increases the overhead required for detection systems. The existing XSS detection methods face issues such as insufficient feature extraction capabilities for XSS attacks, inadequate multisource feature fusion processes, and high resource consumption levels for their detection models. To address these problems, we propose a novel XSS detection approach based on multisource semantic feature fusion. First, we design a normalized tokenization rule based on the str
APA, Harvard, Vancouver, ISO, and other styles
14

Gupta, Charu, Rakesh Kumar Singh, and Amar Kumar Mohapatra. "GeneMiner: A Classification Approach for Detection of XSS Attacks on Web Services." Computational Intelligence and Neuroscience 2022 (June 25, 2022): 1–12. http://dx.doi.org/10.1155/2022/3675821.

Full text
Abstract:
According to OWASP 2021, cross-site scripting (XSS) attacks are increasing through specially crafted XML documents. The attacker injects a malicious payload with a new pattern and combination of scripts, functions, and tags that deceits the existing security mechanisms in web services. This paper proposes an approach, GeneMiner, encompassing GeneMiner-E to extract new features and GeneMiner-C for classification of input payloads as malicious and nonmalicious. The proposed approach evolves itself to the changing patterns of attack payloads and identifies adversarial XSS attacks. The experiments
APA, Harvard, Vancouver, ISO, and other styles
15

Nagaraju, Dr R. "XSS Attack Detection using Machine Learning Algorithms." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 07, no. 12 (2023): 1–11. http://dx.doi.org/10.55041/ijsrem27487.

Full text
Abstract:
This project focuses on the development of an XSS attack detection system using machine learning algorithms. The research involves the careful curation of diverse datasets encompassing XSS attacks and benign data. Key features are extracted, emphasizing HTML structure and JavaScript patterns. The study evaluates the efficacy of k- Nearest Neighbors, Logistic Regression, Random Forest, and Support Vector Machines (SVM) in detecting XSS threats. The training phase optimizes model accuracy, and performance metrics such as Precision, Recall, and F1 Score assess the model's effectiveness. Results p
APA, Harvard, Vancouver, ISO, and other styles
16

Wang, Qiuhua, Hui Yang, Guohua Wu, et al. "Black-box adversarial attacks on XSS attack detection model." Computers & Security 113 (February 2022): 102554. http://dx.doi.org/10.1016/j.cose.2021.102554.

Full text
APA, Harvard, Vancouver, ISO, and other styles
17

Maruf Hassan, Md, Badlishah R. Ahmad, Ashrafia Esha, Rafika Risha, and Mohammad S. Hasan. "Important factors to remember when constructing a cross-site scripting prevention mechanism." Bulletin of Electrical Engineering and Informatics 11, no. 2 (2022): 965–73. http://dx.doi.org/10.11591/eei.v11i2.3557.

Full text
Abstract:
Web application has become an essential part of daily activities to provide easy accessibility that ensures better performance. It is a platform where sensitive information such as username, password, credit card details, operating system and software version. is stored that attracts intruders to generate most of their attacks. Intruders can steal valuable data by compromising web application security flaws; cross site scripting (XSS) vulnerability is one of these. Several studies have been conducted in order to prevent the XSS vulnerability. In this research, we searched Scopus Indexed articl
APA, Harvard, Vancouver, ISO, and other styles
18

Md., Maruf Hassan, R. Ahmad Badlishah, Esha Ashrafia, Risha Rafika, and S. Hasan Mohammad. "Important factors to remember when constructing a cross-site scripting prevention mechanism." Bulletin of Electrical Engineering and Informatics 11, no. 2 (2022): 965~973. https://doi.org/10.11591/eei.v11i2.3557.

Full text
Abstract:
Web application has become an essential part of daily activities to provide easy accessibility that ensures better performance. It is a platform where sensitive information such as username, password, credit card details, operating system and software version. is stored that attracts intruders to generate most of their attacks. Intruders can steal valuable data by compromising web application security flaws; cross site scripting (XSS) vulnerability is one of these. Several studies have been conducted in order to prevent the XSS vulnerability. In this research, we searched Scopus Indexed articl
APA, Harvard, Vancouver, ISO, and other styles
19

Gupta, Punit, and Pallavi Kaliyar. "History Aware Anomaly Based IDS for Cloud IaaS." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 10, no. 6 (2013): 1779–84. http://dx.doi.org/10.24297/ijct.v10i6.3205.

Full text
Abstract:
Cloud Computing provides different types of services such as SaaS, PaaS, IaaS. Each of them have their own security challenges, but IaaS undertakes all types of challenges viz., network attack ,behaviour based attack, request based attacks i.e handling the requests from untrusted users, XSS (cross site scripting attack), DDOS and many more. These attacks are independent of each other and consequently the QoS provided by cloud is compromised. This paper proposes a History aware Behaviour based IDS (Intrusion Detection System) BIDS. BIDS provides detection of untrusted users, false requests th
APA, Harvard, Vancouver, ISO, and other styles
20

Prabhaswara, Ilham Yoga, I. Made Agus Dwi Suarjaya, and Ni Kadek Dwi Rusjayanthi. "Pengembangan Engine Web Crawler Sebagai Pencari Jejak Serangan Cyber Stored Cross-Site Scripting." JITTER : Jurnal Ilmiah Teknologi dan Komputer 4, no. 2 (2023): 1880. http://dx.doi.org/10.24843/jtrti.2023.v04.i02.p20.

Full text
Abstract:
Cross-site Scripting (XSS) vulnerability has long been a concern in web application security and is included in the OWASP Top 10 list. In 2017, XSS ranked 6th, but in 2021, it rose to the 4th position in the Injection category. This vulnerability exploits poorly validated input forms. This study aims to identify web pages that are vulnerable to Stored Cross-site Scripting attacks. The research is conducted by performing a search at three levels of depth. Web scraping is used to extract data from web pages, and the source code of the web pages is compared to Stored Cross-site Scripting attack p
APA, Harvard, Vancouver, ISO, and other styles
21

Deshbhratar, Meena, and Anurag Srivastava. "HANDLING VULNERABLE SCRIPT CODE IN WEB ENGINEERING." INTERNATIONAL RESEARCH JOURNAL OF ENGINEERING & APPLIED SCIENCES 9, no. 2 (2021): 01–04. http://dx.doi.org/10.55083/irjeas.2021.v09i02001.

Full text
Abstract:
Abstract- Network protection in our everyday lives is becoming increasingly critical today. Since we cannot live without the Internet, it is important to have a good and security environment for networking. Cross site scripting (XSS) does, however, attack millions of websites. We can use XSS to insert malicious scripting code into apps and then return it to the customer side. If users are using the web browser to visit the injecting place of the malicious script code, it is directly run on the customer machine. The main words of XSS are commonly found in the JavaScript browser or on the server
APA, Harvard, Vancouver, ISO, and other styles
22

Dr., AMMAR ALDALLAL, and KASHIF SHABBIR Dr. "Protecting Web Applications from Cross-Site Scripting Attacks." JOURNAL OF APPLIED ENGINEERING RESEARCH 2017, no. 03 (2017): 18. https://doi.org/10.5281/zenodo.849089.

Full text
Abstract:
<em>Existence of cross-site scripting (XSS) vulnerability can be traced back to 1995 during early days of Internet penetration. JavaScript, a programming language developed by Netscape, came into being around the same time. The noble intention of this programming language was for designing web applications to be more interactive. However, cyber criminals also learned how to trick users to load malicious scripts into websites, thus allowing them to access confidential data or compromise services. The enormity of such attacks promoted some organizations to engage in monitoring of XSS attacks and
APA, Harvard, Vancouver, ISO, and other styles
23

Prajapati, Abhishek, Kunal Thakur, Abhishek Kumar, Shirish Patil, and Vijaya Patil. "Crosscan: reflected xss scannera website to scan for reflected xss vulnerabilities." International Journal of Advanced Research 13, no. 05 (2025): 45–49. https://doi.org/10.21474/ijar01/20875.

Full text
Abstract:
Cross-Site Scripting (XSS) vulnerabilities are one of the most common security issues in web applications, allowing attackers to inject malicious scripts into web pages viewed by other users. Reflected XSS, a subset of XSS attacks, poses a significant risk as it can be exploited to steal sensitive information, impersonate users, and spread malware. This paper introduces an automated scanner designed to identify and analyze Reflected XSS vulnerabilities in web applications, streamlining the process of vulnerability detection for developers and security professionals. The proposed scanner levera
APA, Harvard, Vancouver, ISO, and other styles
24

Alisultanova, Iman A., and Deni M. Islamov. "ANALYSIS OF CROSS-SITE SCRIPTING VULNERABILITIES AND METHODS OF THEIR ELIMINATION." EKONOMIKA I UPRAVLENIE: PROBLEMY, RESHENIYA 3/10, no. 156 (2025): 174–81. https://doi.org/10.36871/ek.up.p.r.2025.03.10.023.

Full text
Abstract:
The article is devoted to the analysis of Cross-Site Scripting (XSS) vulnerabilities in web applications and methods of their elimination. XSS is one of the most common attacks on web applications, allowing attackers to inject malicious code into website pages. The article discusses the varieties of XSS, including reflected, stored, and DOM-based XSS, and their possible implications for web application security. Methods for detecting and preventing XSS attacks are described in detail, such as validating entered data, escaping output data, and using secure APIs. This article will be a useful so
APA, Harvard, Vancouver, ISO, and other styles
25

Shahriar, Hossain, Sarah North, Wei-Chuen Chen, and Edward Mawangi. "Information Theoretic XSS Attack Detection in Web Applications." International Journal of Secure Software Engineering 5, no. 3 (2014): 1–15. http://dx.doi.org/10.4018/ijsse.2014070101.

Full text
Abstract:
Cross-Site Scripting (XSS) has been ranked among the top three vulnerabilities over the last few years. XSS vulnerability allows an attacker to inject arbitrary JavaScript code that can be executed in the victim's browser to cause unwanted behaviors and security breaches. Despite the presence of many mitigation approaches, the discovery of XSS is still widespread among today's web applications. As a result, there is a need to improve existing solutions and to develop novel attack detection techniques. This paper proposes a proxy-level XSS attack detection approach based on a popular informatio
APA, Harvard, Vancouver, ISO, and other styles
26

Hartono, Hartono, Ryan Aji Wijaya, and Khusnul Khotimah. "Development of Detection and Mitigation of Advanced Persistent Threats Using Artificial Intelligence and Multi-Layer Security on Cloud Computing Infrastructure." International Journal of Artificial Intelligence Research 8, no. 2 (2024): 194. http://dx.doi.org/10.29099/ijair.v8i2.1250.

Full text
Abstract:
This research proposes a novel approach for detecting and mitigating Advanced Persistent Threats (APTs) in cloud computing infrastruc ture, offering more comprehensive protection compared to previous methods. By integrating detection and mitigation, this study addresses the shortcomings of prior research that focused solely on detection. Based on the conducted research, Artificial Intelligence (AI) detected Cross-Site Scripting (XSS) attacks with an accuracy of 0.9951, SQL Injection (SQLI) at 0.9964, and Remote Code Execution (RCE) at 0.9876. In trials against new attacks, the detection succes
APA, Harvard, Vancouver, ISO, and other styles
27

Fang, Yong, Cheng Huang, Yijia Xu, and Yang Li. "RLXSS: Optimizing XSS Detection Model to Defend Against Adversarial Attacks Based on Reinforcement Learning." Future Internet 11, no. 8 (2019): 177. http://dx.doi.org/10.3390/fi11080177.

Full text
Abstract:
With the development of artificial intelligence, machine learning algorithms and deep learning algorithms are widely applied to attack detection models. Adversarial attacks against artificial intelligence models become inevitable problems when there is a lack of research on the cross-site scripting (XSS) attack detection model for defense against attacks. It is extremely important to design a method that can effectively improve the detection model against attack. In this paper, we present a method based on reinforcement learning (called RLXSS), which aims to optimize the XSS detection model to
APA, Harvard, Vancouver, ISO, and other styles
28

Prasetio, Dimaz Arno, Kusrini Kusrini, and M. Rudyanto Arief. "Cross-site Scripting Attack Detection Using Machine Learning with Hybrid Features." JURNAL INFOTEL 13, no. 1 (2021): 1–6. http://dx.doi.org/10.20895/infotel.v13i1.606.

Full text
Abstract:
This study aims to measure the classification accuracy of XSS attacks by using a combination of two methods of determining feature characteristics, namely using linguistic computation and feature selection. XSS attacks have a certain pattern in their character arrangement, this can be studied by learners using n-gram modeling, but in certain cases XSS characteristics can contain a certain meta and synthetic this can be learned using feature selection modeling. From the results of this research, hybrid feature modeling gives good accuracy with an accuracy value of 99.87%, it is better than prev
APA, Harvard, Vancouver, ISO, and other styles
29

Farane Shradha, Gotane Rutuja, Chandanshive Sakshi, Agrawal Khushi, and Khandekar Srushti. "Detection of cyber-attacks and network attacks using Machine Learning." World Journal of Advanced Engineering Technology and Sciences 12, no. 1 (2024): 128–32. http://dx.doi.org/10.30574/wjaets.2024.12.1.0184.

Full text
Abstract:
The Internet and computer networks have become an important part of organizations and everyday life. New threats and challenges have emerged to wireless communication systems especially in cyber security and network attacks. The network traffic must be monitored and analysed to detect malicious activities and attacks. Recently, machine learning techniques have been applied toward the detection of network attacks. In cyber security, machine learning approaches have been utilized to handle important concerns such as intrusion detection, malware classification and detection, spam detection, and p
APA, Harvard, Vancouver, ISO, and other styles
30

Lesko, S. A. "Models and scenarios of implementation of threats for internet resources." Russian Technological Journal 8, no. 6 (2020): 9–33. http://dx.doi.org/10.32362/2500-316x-2020-8-6-9-33.

Full text
Abstract:
To facilitate the detection of various vulnerabilities, there are many different tools (scanners) that can help analyze the security of web applications and facilitate the development of their protection. But these tools for the most part can only identify problems, and they are not capable of fixing them. Therefore, the knowledge of the security developer is a key factor in building a secure Web resource. To resolve application security problems, developers must know all the ways and vectors of various attacks in order to be able to develop various protection mechanisms. This review discusses
APA, Harvard, Vancouver, ISO, and other styles
31

Wang, Yi-Hsun, Ching-Hao Mao, and Hahn-Ming Lee. "Structural Learning of Attack Vectors for Generating Mutated XSS Attacks." Electronic Proceedings in Theoretical Computer Science 35 (September 17, 2010): 15–26. http://dx.doi.org/10.4204/eptcs.35.2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
32

Dora, Jean Rosemond, and Karol Nemoga. "Ontology for Cross-Site-Scripting (XSS) Attack in Cybersecurity." Journal of Cybersecurity and Privacy 1, no. 2 (2021): 319–39. http://dx.doi.org/10.3390/jcp1020018.

Full text
Abstract:
In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty
APA, Harvard, Vancouver, ISO, and other styles
33

AlJamal, Mahmoud, Rabee Alquran, Ayoub Alsarhan, et al. "A Robust Machine Learning Model for Detecting XSS Attacks on IoT over 5G Networks." Future Internet 16, no. 12 (2024): 482. https://doi.org/10.3390/fi16120482.

Full text
Abstract:
As the Internet of Things (IoT) expands rapidly and 5G networks become more widespread, the need for strong cybersecurity measures in IoT systems has become increasingly critical. Traditional security methods are no longer sufficient due to the shear volume, diversity, and limited processing capabilities of IoT devices. The high data transmission speeds of 5G networks further intensify the potential risks, making it essential to implement effective security measures. One of the major threats to IoT systems is Cross-Site Scripting (XSS) attacks. To address this issue, we introduce a new machine
APA, Harvard, Vancouver, ISO, and other styles
34

Chaudhary, Pooja, B. B. Gupta, and Shashank Gupta. "A Framework for Preserving the Privacy of Online Users Against XSS Worms on Online Social Network." International Journal of Information Technology and Web Engineering 14, no. 1 (2019): 85–111. http://dx.doi.org/10.4018/ijitwe.2019010105.

Full text
Abstract:
This article presents a hybrid framework i.e. OXSSD (Online Social Network-Based XSS-Defender) that explores cross-site scripting (XSS) attack vectors at the vulnerable points in web applications of social networks. Initially, during training phase, it generates the views for each request and formulates the access control list (ACL) which encompasses all the privileges a view can have. It also ascertains all possible injection points for extracting malicious attack vectors. Secondly, during recognition phase, after action authentication XSS attack vectors are retrieved from the extracted injec
APA, Harvard, Vancouver, ISO, and other styles
35

Brahmasani, Siva, Subramanian Selvakumar, and E. Sivasankar. "Prevention of XSS attacks using STCD." ACM SIGSOFT Software Engineering Notes 38, no. 1 (2013): 46–49. http://dx.doi.org/10.1145/2413038.2382768.

Full text
APA, Harvard, Vancouver, ISO, and other styles
36

Brahmasani, Siva, Subramanian Selvakumar, and E. Sivasankar. "Prevention of XSS attacks using STCD." ACM SIGSOFT Software Engineering Notes 37, no. 6 (2012): 1–9. http://dx.doi.org/10.1145/2382756.2382768.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

Kadhim, Raed Waheed, and Methaq Talib Gaata. "A hybrid of CNN and LSTM methods for securing web application against cross-site scripting attack." Indonesian Journal of Electrical Engineering and Computer Science 21, no. 2 (2021): 1022–29. https://doi.org/10.11591/ijeecs.v21.i2.pp1022-1029.

Full text
Abstract:
Cross-site scripting (XSS) is today one of the biggest threatthat could targeting the Web application. Based on study published by the open web applications security project (OWASP), XSS vulnerability has been present among the TOP 10 Web application vulnerabilities. Still, an important security-related issue remains how to effectively protect web applications from XSS attacks. In first part of this paper, a method for detecting XSS attack was proposed by combining convolutional neural network (CNN) with long short term memories (LSTM), Initially, pre-processing was applied to XSS Data Set by
APA, Harvard, Vancouver, ISO, and other styles
38

Gunawan, Teddy Surya, Muhammad Kasim Lim, Mira Kartiwi, Noreha Abdul Malik, and Nanang Ismail. "Penetration Testing using Kali Linux: SQL Injection, XSS, Wordpres, and WPA2 Attacks." Indonesian Journal of Electrical Engineering and Computer Science 12, no. 2 (2018): 729. http://dx.doi.org/10.11591/ijeecs.v12.i2.pp729-737.

Full text
Abstract:
Nowadays, computers, smart phones, smart watches, printers, projectors, washing machines, fridges, and other mobile devices connected to Internet are exposed to various threats and exploits. Of the various attacks, SQL injection, cross site scripting, Wordpress, and WPA2 attack were the most popular security attacks and will be further investigated in this paper. Kali Linux provides a great platform and medium in learning various types of exploits and peneteration testing. All the simulated attack will be conducted using Kali Linux installed on virtual machine in a compuer with Intel Core i5 a
APA, Harvard, Vancouver, ISO, and other styles
39

Teddy, Surya Gunawan, Kasim Lim Muhammad, Kartiwi Mira, Abdul Malik Noreha, and Ismail Nanang. "Penetration Testing using Kali Linux: SQL Injection, XSS, Wordpres, and WPA2 Attacks." Indonesian Journal of Electrical Engineering and Computer Science 12, no. 2 (2018): 729–37. https://doi.org/10.11591/ijeecs.v12.i2.pp729-737.

Full text
Abstract:
Nowadays, computers, smart phones, smart watches, printers, projectors, washing machines, fridges, and other mobile devices connected to Internet are exposed to various threats and exploits. Of the various attacks, SQL injection, cross site scripting, Wordpress, and WPA2 attack were the most popular security attacks and will be further investigated in this paper. Kali Linux provides a great platform and medium in learning various types of exploits and peneteration testing. All the simulated attack will be conducted using Kali Linux installed on virtual machine in a compuer with Intel Core i5 a
APA, Harvard, Vancouver, ISO, and other styles
40

Nagar, Nitin, and Ugrasen Suman. "Analyzing Virtualization Vulnerabilities and Design a Secure Cloud Environment to Prevent from XSS Attack." International Journal of Cloud Applications and Computing 6, no. 1 (2016): 1–14. http://dx.doi.org/10.4018/ijcac.2016010101.

Full text
Abstract:
Cloud virtualization has created an enormous impact on IT and networking worlds. A cloud environment is built on virtualization technology. Virtualization and its exclusive architecture have numerous features and advantages over non-conventional virtual machines. However, these new uniqueness create new vulnerabilities and attacks on a virtualization based cloud system. Cross Site Scripting (XSS) is among the top cloud vulnerabilities, according to recent studies. This exposure occurs when a user uses the input from a cloud environment application without properly looking into them. This allow
APA, Harvard, Vancouver, ISO, and other styles
41

Hamzah, Khairatun Hisan, Mohd Zamri Osman, Tumusiime Anthony, Mohd Arfian Ismail, Zubaile Abdullah, and Alde Alanda. "Comparative Analysis of Machine Learning Algorithms for Cross-Site Scripting (XSS) Attack Detection." JOIV : International Journal on Informatics Visualization 8, no. 3-2 (2024): 1678. https://doi.org/10.62527/joiv.8.3-2.3451.

Full text
Abstract:
Cross-Site Scripting (XSS) attacks pose a significant cybersecurity threat by exploiting vulnerabilities in web applications to inject malicious scripts, enabling unauthorized access and execution of malicious code. Traditional XSS detection systems often struggle to identify increasingly complex XSS payloads. To address this issue, this research evaluated the efficacy of Machine Learning algorithms in detecting XSS threats within online web applications. The study conducts a comprehensive comparative analysis of XSS attack detection using four prominent Machine Learning algorithms, which cons
APA, Harvard, Vancouver, ISO, and other styles
42

Annas, Muhammad, Rizal Tjut Adek, and Yesy Afrillia. "Web Application Firewall (WAF) Design to Detect and Anticipate Hacking in Web-Based Applications." Journal of Advanced Computer Knowledge and Algorithms 1, no. 3 (2024): 52. http://dx.doi.org/10.29103/jacka.v1i3.16315.

Full text
Abstract:
Data leakage cases have recently been rampant in Indonesia. One of the biggest is the leak of user data from BPJS Health in 2021, this data leak is certainly very detrimental to users. This research develops a Web Application Firewall (WAF) using ModSecurity and OWASP Core Rule Set to protect web applications from SQL Injection and XSS attacks. The methodology involves analyzing the functionality of the existing system using UML, with DVWA and WordPress as test objects. Results showed 100% SQL Injection and 99.8% XSS attack detection, with logs recording attacks in real-time. The findings emph
APA, Harvard, Vancouver, ISO, and other styles
43

Xu, Hua Jie, Xiao Ming Hu, and Dong Dong Zhang. "A XSS Defensive Scheme Based on Behavior Certification." Applied Mechanics and Materials 241-244 (December 2012): 2365–69. http://dx.doi.org/10.4028/www.scientific.net/amm.241-244.2365.

Full text
Abstract:
The Scripting languages (mostly JavaScript) applications in the network are heavily used to improve the user experience now. The trends make XSS (Cross-site Scripting Attacks) the most serious security problems in the current Internet. A XSS defensive scheme based on behavior certification is proposed in the paper. The website behavior model is generated based on the website logic and the user behavior. The browsing behavior certification is implemented based on the expected behavior of the resulting model, so as to offer security for the client even in the case that web server has suffered XS
APA, Harvard, Vancouver, ISO, and other styles
44

Alhamyani, Rahmah, and Majid Alshammari. "Machine Learning-Driven Detection of Cross-Site Scripting Attacks." Information 15, no. 7 (2024): 420. http://dx.doi.org/10.3390/info15070420.

Full text
Abstract:
The ever-growing web application landscape, fueled by technological advancements, introduces new vulnerabilities to cyberattacks. Cross-site scripting (XSS) attacks pose a significant threat, exploiting the difficulty of distinguishing between benign and malicious scripts within web applications. Traditional detection methods struggle with high false-positive (FP) and false-negative (FN) rates. This research proposes a novel machine learning (ML)-based approach for robust XSS attack detection. We evaluate various models including Random Forest (RF), Logistic Regression (LR), Support Vector Mac
APA, Harvard, Vancouver, ISO, and other styles
45

Salama, A. A., El-Said F. Aboelfotoh, Huda E. Khalid, Ahmed K. Essa, Hazem M. El-Bakry, and Doaa S. El-Morshedy. "Integrating Neutrosophic Logic with ASP.NET to Prevent XSS Attacks." Neutrosophic Optimization and Intelligent Systems 5 (January 6, 2025): 14–28. https://doi.org/10.61356/j.nois.2025.5455.

Full text
Abstract:
The widespread adoption of web applications has led to an increase in security vulnerabilities, with Cross-Site Scripting (XSS) attacks emerging as a significant threat to data integrity and privacy. XSS exploits enable attackers to execute malicious scripts within users' browsers, compromising both systems and sensitive information. This study proposes a novel detection and prevention framework leveraging neutrosophic logic integrated with ASP.NET web applications. Neutrosophic logic provides a powerful decision-making mechanism by identifying uncertainty, truth, and falsity, enabling the sys
APA, Harvard, Vancouver, ISO, and other styles
46

Okhonko Pylyp. "Analysis of Vulnerabilities in The Content Security Policy Standard to Enhance Website Security." International Journal of Engineering and Computer Science 13, no. 12 (2024): 26677–81. https://doi.org/10.18535/ijecs/v13i12.4948.

Full text
Abstract:
This article analyzes the vulnerabilities of the Content Security Policy (CSP) standard with the aim of improving website security. It highlights that this standard has vulnerabilities that enable attackers to successfully execute attacks by injecting malicious code into web pages. The relevance of studying CSP vulnerabilities to enhance website protection is substantiated. The primary aspects of implementing web resource protection using the CSP standard are discussed. The article outlines the most well-known techniques for bypassing the directives of this standard. It describes the process o
APA, Harvard, Vancouver, ISO, and other styles
47

Vamsi, Mohan, and Sandeep Malik Dr. "Secure Web Applications Against Cross Site Scripting XSS A Review." International Journal of Trend in Scientific Research and Development 2, no. 1 (2017): 900–903. https://doi.org/10.31142/ijtsrd7135.

Full text
Abstract:
Cross Site Scripting XSS attacks are most common vulnerability issues in the digital era for the Web applications. These attacks occur, when an attacker uses a web application to send malicious code in the form of client side script. These scripts exploit the vulnerabilities in the code and resulting in a serious consequence like theft of cookies, passwords and any confidential user data. In extreme cases, the user may have lost his her control on the browser. In this paper, we explained detection, and prevention of Cross Site Scripting XSS vulnerability attacks through a systematic review pro
APA, Harvard, Vancouver, ISO, and other styles
48

Lu, Jiazhong, Zhitan Wei, Zhi Qin, Yan Chang, and Shibin Zhang. "Resolving Cross-Site Scripting Attacks through Fusion Verification and Machine Learning." Mathematics 10, no. 20 (2022): 3787. http://dx.doi.org/10.3390/math10203787.

Full text
Abstract:
The frequent variations of XSS (cross-site scripting) payloads make static and dynamic analysis difficult to detect effectively. In this paper, we proposed a fusion verification method that combines traffic detection with XSS payload detection, using machine learning to detect XSS attacks. In addition, we also proposed seven new payload features to improve detection efficiency. In order to verify the effectiveness of our method, we simulated and tested 20 public CVE (Common Vulnerabilities and Exposures) XSS attacks. The experimental results show that our proposed method has better accuracy th
APA, Harvard, Vancouver, ISO, and other styles
49

Zhao, Chunhui, Shuaijie Si, Tengfei Tu, Yijie Shi, and Sujuan Qin. "Deep-Learning Based Injection Attacks Detection Method for HTTP." Mathematics 10, no. 16 (2022): 2914. http://dx.doi.org/10.3390/math10162914.

Full text
Abstract:
In the context of the new era of high digitization and informatization, the emergence of the internet and artificial intelligence technologies has profoundly changed people’s lifestyles. The traditional cyber attack detection has become increasingly weak in the context of the increasingly complex network environment in the new era, and deep learning technology has begun to play a significant role in the field of network security. There are many kinds of attacks against web applications, which are very harmful, including SQL (Structured Query Language) injection, XSS (Cross-Site Scripting), and
APA, Harvard, Vancouver, ISO, and other styles
50

Kela, Rushabh, Abhinav Chawla, Pratishtha Gaur, and Dr Manikandan K. "IMPLEMENTATION OF CYBER SECURITY ATTACKS AND STRATEGIC MITIGATION MECHANISMS." international journal of advanced research in computer science 13, no. 4 (2022): 28–34. http://dx.doi.org/10.26483/ijarcs.v13i4.6890.

Full text
Abstract:
Cyber threats have increased drastically in the recent years and the most common targets are organisation applications or systems for data theft, disrupting the operations or any other malicious use. Incorporating website security prevents these sorts of attacks on the system. It is the act/practice of protecting websites from unauthorized access, use, modification, destruction, or disruption. A web application will be created and tested on various attacks such as Brute Force Dictionary attack, Denial-of-Service attacks, Cross Site Scripting (XSS) attack, NoSQL injections and WebSocket attacks
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography