Riding out DOMsday: Toward Detecting and Preventing DOM Cross-Site Scripting
نویسندگان
چکیده
Cross-site scripting (XSS) vulnerabilities are the most frequently reported web application vulnerability. As complex JavaScript applications become more widespread, DOM (Document Object Model) XSS vulnerabilities—a type of XSS vulnerability where the vulnerability is located in client-side JavaScript, rather than server-side code—are becoming more common. As the first contribution of this work, we empirically assess the impact of DOM XSS on the web using a browser with taint tracking embedded in the JavaScript engine. Building on the methodology used in a previous study that crawled popular websites, we collect a current dataset of potential DOM XSS vulnerabilities. We improve on the methodology for confirming XSS vulnerabilities, and using this improved methodology, we find 83% more vulnerabilities than previous methodology applied to the same dataset. As a second contribution, we identify the causes of and discuss how to prevent DOM XSS vulnerabilities. One example of our findings is that custom HTML templating designs—a design pattern that could prevent DOM XSS vulnerabilities analogous to parameterized SQL—can be buggy in practice, allowing DOM XSS attacks. As our third contribution, we evaluate the error rates of three static-analysis tools to detect DOM XSS vulnerabilities found with dynamic analysis techniques using in-the-wild examples. We find static-analysis tools to miss 90% of bugs found by our dynamic analysis, though some tools can have very few false positives and at the same time find vulnerabilities not found using the dynamic analysis.
منابع مشابه
ECE1776F: Project Proposal: A Client-Side Browser-Integrated Solution for Detecting and Preventing Cross Site Scripting (XSS) Attacks
متن کامل
DOM-basiertes Cross-Site Scripting im Web: Reise in ein unerforschtes Land
Cross-site Scripting (XSS) ist eine weit verbreitete Verwundbarkeitsklasse in Web-Anwendungen und kann sowohl von server-seitigem als auch von clientseitigem Code verursacht werden. Allerdings wird XSS primär als ein server-seitiges Problem wahrgenommen, motiviert durch das Offenlegen von zahlreichen entsprechenden XSS-Schwächen. In den letzten Jahren jedoch kann eine zunehmende Verlagerung von...
متن کاملPrecise Client-side Protection against DOM-based Cross-Site Scripting
The current generation of client-side Cross-Site Scripting filters rely on string comparison to detect request values that are reflected in the corresponding response’s HTML. This coarse approximation of occurring data flows is incapable of reliably stopping attacks which leverage nontrivial injection contexts. To demonstrate this, we conduct a thorough analysis of the current state-of-the-art ...
متن کاملAn Architecture for Enforcing JavaScript Randomization in Web2.0 Applications
Instruction Set Randomization (ISR) is a promising technique for preventing code-injection attacks. In this paper we present a complete randomization framework for JavaScript aiming at detecting and preventing Cross-Site Scripting (XSS) attacks. RaJa randomizes JavaScript source without changing the code structure. Only JavaScript identifiers are carefully modified and the randomized code can b...
متن کاملSmart XSS Attack Surveillance System for OSN in Virtualized Intelligence Network of Nodes of Fog Computing
ThisarticleintroducesadistributedintelligencenetworkofFogcomputingnodesandClouddata centresforsmartdevicesagainstXSSvulnerabilitiesinOnlineSocialNetwork(OSN).Thecloud datacentrescomputethefeaturesofJavaScript,injectsthemintheformofcommentsandsavedthem inthescriptnodesofDocumentObjectModel(DOM)tree.ThenetworkofFogdevicesre-executes the...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017