UPM Institutional Repository

Towards removing cross-site scripting vulnerabilities from mobile web applications


Citation

Hydara, Isatou and Md Sultan, Abu Bakar and Zulzalil, Hazura and Admodisastro, Novia (2018) Towards removing cross-site scripting vulnerabilities from mobile web applications. Journal of Engineering and Applied Sciences, 13 (16). 6616 - 6621. ISSN 1816-949X; EISSN: 1818-7803

Abstract

Cross-site scripting vulnerabilities are among the most common of security vulnerabilities found in web applications and more recently in mobile versions of web applications. They have caused many successful attacks on web applications on a daily basis including loss of financial and health information, exposure to malware and viruses and denial of service attacks. Cross-site scripting vulnerabilities are easy to exploit but difficult to mitigate. Most of the existing solutions to cross-site scripting vulnerabilities focus only on the desktop version of web application and there is hardly any focus on the mobile versions. Also, most solutions provided only focus on preventing attacks or detecting the vulnerabilities. Very few research works have addressed eliminating these vulnerabilities from the web applications source codes. In this study, we present our research in progress on the removal of detected cross-site scripting vulnerabilities in mobile versions of web applications. We have proposed an approach in a previous research to detect and remove cross-site scripting vulnerabilities in desktop web applications. We have enhanced that approach and are currently testing it for the removal of cross-site scripting vulnerabilities in mobile versions of web applications. Initial evaluations have indicated promising results. We believe this approach can help web application developers to eliminate cross-site scripting vulnerabilities in not only their desktop web applications but also in the mobile version ones.


Download File

[img] Text
Towards removing cross-site scripting vulnerabilities from mobile web applications.pdf
Restricted to Repository staff only

Download (272kB)

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
DOI Number: https://doi.org/10.36478/jeasci.2018.6616.6621
Publisher: Medwell Publishing
Keywords: Cross-site scripting; Cross-site scripting vulnerability; Software security; Vulnerability removal; Web application; Application developers
Depositing User: Nida Hidayati Ghazali
Date Deposited: 30 Mar 2020 08:15
Last Modified: 30 Mar 2020 08:15
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.36478/jeasci.2018.6616.6621
URI: http://psasir.upm.edu.my/id/eprint/74324
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item