An approach for cross-site scripting detection and removal based on genetic algorithms.

Citation

Hydara, Isatou and Md Sultan, Abu Bakar and Zulzalil, Hazura and Admodisastro, Novia (2014) An approach for cross-site scripting detection and removal based on genetic algorithms. In: The Ninth International Conference on Software Engineering Advances - ICSEA 2014, 12-16 Oct. 2014, Nice, France. (pp. 227-232).

Abstract

Software security vulnerabilities have led to many successful attacks on applications, on a daily basis. These attacks, including cross-site scripting, have caused damages for both web site owners and users. Cross-site scripting vulnerabilities are easy to exploit but difficult to eliminate. Many solutions have been proposed for their detection. However, the problem of cross-site scripting vulnerabilities present in web applications still persists. In this paper, we propose to explore an approach based on genetic algorithms that will be able to detect and remove cross-site scripting vulnerabilities from the source code before an application is deployed. The proposed approach is, so far, only implemented and validated on Java-based Web applications, although it can be implemented in other programming languages with slight modifications. Initial evaluations have indicated promising results.

Download File

PDF
32711.pdf
Restricted to Repository staff only
Download (4MB)

Additional Metadata

Item Type:	Conference or Workshop Item (Paper)
Divisions:	Faculty of Computer Science and Information Technology
Keywords:	Cross-site scripting; Genetic algorithm; Software security; Vulnerability detection; Vulnerability removal
Depositing User:	Samsida Samsudin
Date Deposited:	12 Dec 2014 08:33
Last Modified:	12 Dec 2014 08:33
URI:	http://psasir.upm.edu.my/id/eprint/32711
Statistic Details:	View Download Statistic

Actions (login required)

View Item