Welcome to the InfoSci Platform
Reference Hub1
Information Theoretic XSS Attack Detection in Web Applications

Information Theoretic XSS Attack Detection in Web Applications

Hossain Shahriar, Sarah North, Wei-Chuen Chen, Edward Mawangi
Copyright: © 2018 |Pages: 16
ISBN13: 9781522534228|ISBN10: 1522534229|EISBN13: 9781522534235
DOI: 10.4018/978-1-5225-3422-8.ch042
Cite Chapter Cite Chapter

MLA

Shahriar, Hossain, et al. "Information Theoretic XSS Attack Detection in Web Applications." Application Development and Design: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, IGI Global, 2018, pp. 972-987. https://doi.org/10.4018/978-1-5225-3422-8.ch042

APA

Shahriar, H., North, S., Chen, W., & Mawangi, E. (2018). Information Theoretic XSS Attack Detection in Web Applications. In I. Management Association (Ed.), Application Development and Design: Concepts, Methodologies, Tools, and Applications (pp. 972-987). IGI Global. https://doi.org/10.4018/978-1-5225-3422-8.ch042

Chicago

Shahriar, Hossain, et al. "Information Theoretic XSS Attack Detection in Web Applications." In Application Development and Design: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, 972-987. Hershey, PA: IGI Global, 2018. https://doi.org/10.4018/978-1-5225-3422-8.ch042

Export Reference

Mendeley
Favorite

Abstract

Cross-Site Scripting (XSS) has been ranked among the top three vulnerabilities over the last few years. XSS vulnerability allows an attacker to inject arbitrary JavaScript code that can be executed in the victim's browser to cause unwanted behaviors and security breaches. Despite the presence of many mitigation approaches, the discovery of XSS is still widespread among today's web applications. As a result, there is a need to improve existing solutions and to develop novel attack detection techniques. This paper proposes a proxy-level XSS attack detection approach based on a popular information-theoretic measure known as Kullback-Leibler Divergence (KLD). Legitimate JavaScript code present in an application should remain similar or very close to the JavaScript code present in a rendered web page. A deviation between the two can be an indication of an XSS attack. This paper applies a back-off smoothing technique to effectively detect the presence of malicious JavaScript code in response pages. The proposed approach has been applied for a number of open-source PHP web applications containing XSS vulnerabilities. The initial results show that the approach can effectively detect XSS attacks and suffer from low false positive rate through proper choice of threshold values of KLD. Further, the performance overhead has been found to be negligible.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.