Ontology for Cross-Site-Scripting (XSS) Attack in Cybersecurity
نویسندگان
چکیده
In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is exploitation of websites by XSS attacks, are nowadays considered complicated attack. These types attacks aim to execute malicious scripts web browser client including code legitimate page. A serious matter when website accepts “user-input” option. Attackers can exploit application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from server and/or client. However, difficulty varies website. Our focus on usage ontology against importance ontology, its core meaning for cybersecurity. We explain how vulnerable be exploited, different JavaScript payloads used detect vulnerabilities. also enumerate some tools use an efficient analysis. present detailed reasoning what done improve security order resist provide supportive examples. Then, apply model strengthen protection application. note existence does not itself, but it has properly should require maximum layers taken into account.
منابع مشابه
XSS-GUARD: Precise Dynamic Prevention of Cross-Site Scripting Attacks
This paper focuses on defense mechanisms for cross-site scripting attacks, the top threat on web applications today. It is believed that input validation (or filtering) can effectively prevent XSS attacks on the server side. In this paper, we discuss several recent real-world XSS attacks and analyze the reasons for the failure of filtering mechanisms in defending these attacks. We conclude that...
متن کاملEradicating Cross Site Scripting Attack for a Secure Web Access
Recent updates of Vulnerability reports of the Open Web Application Security Project confirm that Cross Site Scripting (XSS) is one of the most common and severe web security defects. Cross-Site Scripting occurs when an application takes data from the user and sends it back to a web browser without validation or encoding. It occurs when the web application references the user input in HTML page...
متن کاملExploitation of Cross-Site Scripting (XSS) Vulnerability on Real World Web Applications and its Defense
Attacks on web applications are growing rapidly with the opening of new technologies, HTML tags and JavaScript functions. Cross-Site Scripting (XSS) vulnerabilities are being exploited by the attackers to steal web browser's resources (cookies, credentials etc. ) by injecting the malicious JavaScript code on the victim's web applications. The existing techniques like filtering of tags...
متن کاملXSS Peeker: A Systematic Analysis of Cross-site Scripting Vulnerability Scanners
Since the first publication of the “OWASP Top 10” (2004), cross-site scripting (XSS) vulnerabilities have always been among the top 5 web application security bugs. Black-box vulnerability scanners are widely used in the industry to reproduce (XSS) attacks automatically. In spite of the technical sophistication and advancement, previous work showed that black-box scanners miss a non-negligible ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of cybersecurity and privacy
سال: 2021
ISSN: ['2624-800X']
DOI: https://doi.org/10.3390/jcp1020018