Cross-site scripting detection based on an enhanced genetic algorithm
Software security vulnerabilities have led to many successful attacks on applications, especially web applications, on a daily basis. These attacks, including cross-site scripting, have caused damages for both web site owners and users. Cross-site scripting vulnerabilities are easy to exploit but di...
Saved in:
| Main Authors: | , , , |
|---|---|
| 格式: | Conference or Workshop Item |
| 语言: | English |
| 出版: |
Science and Knowledge Research Society
2015
|
| 在线阅读: | http://psasir.upm.edu.my/id/eprint/67005/1/ICCSCM-6.pdf http://psasir.upm.edu.my/id/eprint/67005/ |
| 标签: |
添加标签
没有标签, 成为第一个标记此记录!
|
| 总结: | Software security vulnerabilities have led to many successful attacks on applications, especially web applications, on a daily basis. These attacks, including cross-site scripting, have caused damages for both web site owners and users. Cross-site scripting vulnerabilities are easy to exploit but difficult to mitigate. Many solutions have been proposed for their detection. However, the problem of cross-site scripting vulnerabilities present in web applications still persists. In this paper, we propose to explore an approach based on genetic algorithms that will be able to detect cross-site scripting vulnerabilities in the source code before an application is deployed. The proposed approach is, so far, only implemented and validated on Java-based Web applications, although it can be implemented in other programming languages with slight modifications. Initial evaluations have indicated promising results. |
|---|