Welcome to the InfoSci Platform
Reference Hub5
A Framework for Preserving the Privacy of Online Users Against XSS Worms on Online Social Network

A Framework for Preserving the Privacy of Online Users Against XSS Worms on Online Social Network

Pooja Chaudhary, B. B. Gupta, Shashank Gupta
Copyright: © 2019 |Volume: 14 |Issue: 1 |Pages: 27
ISSN: 1554-1045|EISSN: 1554-1053|EISBN13: 9781522564485|DOI: 10.4018/IJITWE.2019010105
Cite Article Cite Article

MLA

Chaudhary, Pooja, et al. "A Framework for Preserving the Privacy of Online Users Against XSS Worms on Online Social Network." IJITWE vol.14, no.1 2019: pp.85-111. http://doi.org/10.4018/IJITWE.2019010105

APA

Chaudhary, P., Gupta, B. B., & Gupta, S. (2019). A Framework for Preserving the Privacy of Online Users Against XSS Worms on Online Social Network. International Journal of Information Technology and Web Engineering (IJITWE), 14(1), 85-111. http://doi.org/10.4018/IJITWE.2019010105

Chicago

Chaudhary, Pooja, B. B. Gupta, and Shashank Gupta. "A Framework for Preserving the Privacy of Online Users Against XSS Worms on Online Social Network," International Journal of Information Technology and Web Engineering (IJITWE) 14, no.1: 85-111. http://doi.org/10.4018/IJITWE.2019010105

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

This article presents a hybrid framework i.e. OXSSD (Online Social Network-Based XSS-Defender) that explores cross-site scripting (XSS) attack vectors at the vulnerable points in web applications of social networks. Initially, during training phase, it generates the views for each request and formulates the access control list (ACL) which encompasses all the privileges a view can have. It also ascertains all possible injection points for extracting malicious attack vectors. Secondly, during recognition phase, after action authentication XSS attack vectors are retrieved from the extracted injection points followed by the clustering of these attack vectors. Finally, it sanitizes the compressed clustered template in a context-aware manner. This context-aware sanitization ensures efficient and accurate alleviation of XSS attacks from the OSN-based web applications. The authors will evaluate the detection capability of OXSSD on a tested suite of real world OSN-based web applications (Humhub, Elgg, WordPress, Drupal and Joomla). The performance analysis revealed that OXSSD detects injection of illicit attack vectors with very low false positives, false negatives and acceptable performance overhead.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.