Proceedings of the International Conference on Computer Networks and Communication Technology (CNCT 2016)

Review of XSS Attack and Detection on Web Applications

Authors
Wen-bing ZHAO, Dan WANG, Zhi-ming DING
Corresponding Author
Wen-bing ZHAO
Available Online December 2016.
DOI
https://doi.org/10.2991/cnct-16.2017.111How to use a DOI?
Keywords
XSS Attack, Vulnerability Detection, Web Application Style.
Abstract

Aiming at the difficulties to prevent Web applications to be maliciously injected which are increased by all kinds of dynamic Web technologies applied, concentrate on XSS attack, this paper reviews the research progresses of Web application injection vulnerabilities detection in recent years. It summarizes the classification and causes of the XSS injection security vulnerabilities, analyzes the complexity of security vulnerabilities detection; then proposes the key technologies of the existing detection approached, including analyzing and identifying the injection points, injection detection by software analysis and testing, symbolic execution, taint analysis; finally presents its future development direction.

Copyright
© 2017, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the International Conference on Computer Networks and Communication Technology (CNCT 2016)
Series
Advances in Computer Science Research
Publication Date
December 2016
ISBN
978-94-6252-301-2
ISSN
2352-538X
DOI
https://doi.org/10.2991/cnct-16.2017.111How to use a DOI?
Copyright
© 2017, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Wen-bing ZHAO
AU  - Dan WANG
AU  - Zhi-ming DING
PY  - 2016/12
DA  - 2016/12
TI  - Review of XSS Attack and Detection on Web Applications
BT  - Proceedings of the International Conference on Computer Networks and Communication Technology (CNCT 2016)
PB  - Atlantis Press
SP  - 798
EP  - 804
SN  - 2352-538X
UR  - https://doi.org/10.2991/cnct-16.2017.111
DO  - https://doi.org/10.2991/cnct-16.2017.111
ID  - ZHAO2016/12
ER  -