A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability

Fukuoka, Japan March 29-March 31

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/AINA.2004.1283902

18th International Conference on Adva ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Omar Ismail Articles by Masashi Etoh Articles by Youki Kadobayashi Articles by Suguru Yamaguchi

	ASCII Text	x
	Omar Ismail, Masashi Etoh, Youki Kadobayashi, Suguru Yamaguchi, "A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability," Advanced Information Networking and Applications, International Conference on, vol. 1, pp. 145, 18th International Conference on Advanced Information Networking and Applications (AINA'04) Volume 1, 2004.

	BibTex	x
	@article{ 10.1109/AINA.2004.1283902, author = {Omar Ismail and Masashi Etoh and Youki Kadobayashi and Suguru Yamaguchi}, title = {A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability}, journal ={Advanced Information Networking and Applications, International Conference on}, volume = {1}, year = {2004}, isbn = {0-7695-2051-0}, pages = {145}, doi = {http://doi.ieeecomputersociety.org/10.1109/AINA.2004.1283902}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Advanced Information Networking and Applications, International Conference on TI - A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability SN - 0-7695-2051-0 SP EP A1 - Omar Ismail, A1 - Masashi Etoh, A1 - Youki Kadobayashi, A1 - Suguru Yamaguchi, PY - 2004 KW - null VL - 1 JA - Advanced Information Networking and Applications, International Conference on ER -

Omar Ismail, Nara Institute of Science and Technology, Ikoma, Nara

Masashi Etoh, Nara Institute of Science and Technology, Ikoma, Nara

Youki Kadobayashi, Nara Institute of Science and Technology, Ikoma, Nara

Suguru Yamaguchi, Nara Institute of Science and Technology, Ikoma, Nara

Cross-site scripting (XSS) attacks target web sites with Cookie-based session management, resulting in the leakage of privacy information. Although several server-side countermeasures for XSS attacks do exist, such techniques have not been applied in a universal manner, because of their deployment overhead and the poor understanding of XSS problems. This paper proposes a client-side system that automatically detects XSS vulnerability by manipulating either request or server response. The system also shares the indication of vulnerability via a central repository. The purpose of the proposed system is twofold: to protect users from XSS attacks, and to warn the web servers with XSS vulnerabilities.

Citation:

Omar Ismail, Masashi Etoh, Youki Kadobayashi, Suguru Yamaguchi, "A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability," aina, vol. 1, pp.145, 18th International Conference on Advanced Information Networking and Applications (AINA'04) Volume 1, 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.