Article

XSSDS: Server-Side Detection of Cross-Site Scripting Attacks

Authors:

Martin Johns,

Björn Engelmann,

Joachim PoseggaAuthors Info & Claims

ACSAC '08: Proceedings of the 2008 Annual Computer Security Applications Conference

Pages 335 - 344

https://doi.org/10.1109/ACSAC.2008.36

Published: 08 December 2008 Publication History

Publisher Site

Abstract

Cross-site Scripting (XSS) has emerged to one of the most prevalent type of security vulnerabilities. While the reason for the vulnerability primarily lies on the server-side, the actual exploitation is within the victim's web browser on the client-side. Therefore, an operator of a web application has only very limited evidence of XSS issues. In this paper, we propose a passive detection system to identify successful XSS attacks. Based on a prototypical implementation, we examine our approach's accuracy and verify its detection capabilities. We compiled a data-set of 500.000 individual HTTP request/response-pairs from 95 popular web applications for this, in combination with both real word and manually crafted XSS-exploits; our detection approach results in a total of zero false negatives for all tests, while maintaining an excellent false positive rate for more than 80% of the examined web applications.

Cited By

View all

Hannousse AYahiouche SNait-Hamoud M(2024)Twenty-two years since revealing cross-site scripting attacksComputer Science Review10.1016/j.cosrev.2024.10063452:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.cosrev.2024.100634
Lee SWi SSon S(2022)Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement LearningProceedings of the ACM Web Conference 202210.1145/3485447.3512234(743-754)Online publication date: 25-Apr-2022
https://dl.acm.org/doi/10.1145/3485447.3512234
Bui TRao SAntikainen MAura TSun HShieh SGu GAteniese G(2020)XSS Vulnerabilities in Cloud-Application Add-OnsProceedings of the 15th ACM Asia Conference on Computer and Communications Security10.1145/3320269.3384744(610-621)Online publication date: 5-Oct-2020
https://dl.acm.org/doi/10.1145/3320269.3384744
Show More Cited By

Index Terms

XSSDS: Server-Side Detection of Cross-Site Scripting Attacks
1. Security and privacy

Index terms have been assigned to the content through auto-classification.

Recommendations

A Distributed Security Approach against ARP Cache Poisoning Attack
CySSS '22: Proceedings of the 1st Workshop on Cybersecurity and Social Sciences

The Address Resolution Protocol (ARP) has a critical function in the Internet protocol suite, however, it was not designed for security as it does not verify that a response to an ARP request really comes from an authorized party. This weak point in the ...
D-ward: source-end defense against distributed denial-of-service attacks
Detecting Insider Theft of Trade Secrets

Trusted insiders who misuse their privileges to gather and steal sensitive information represent a potent threat to businesses. Applying access controls to protect sensitive information can reduce the threat but has significant limitations. Even if ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACSAC '08: Proceedings of the 2008 Annual Computer Security Applications Conference

December 2008

463 pages

ISBN:9780769534473

Publisher

IEEE Computer Society

United States

Publication History

Published: 08 December 2008

Author Tag

XSS, Cross-site Scripting, detection, web application security

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hannousse AYahiouche SNait-Hamoud M(2024)Twenty-two years since revealing cross-site scripting attacksComputer Science Review10.1016/j.cosrev.2024.10063452:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.cosrev.2024.100634
Lee SWi SSon S(2022)Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement LearningProceedings of the ACM Web Conference 202210.1145/3485447.3512234(743-754)Online publication date: 25-Apr-2022
https://dl.acm.org/doi/10.1145/3485447.3512234
Bui TRao SAntikainen MAura TSun HShieh SGu GAteniese G(2020)XSS Vulnerabilities in Cloud-Application Add-OnsProceedings of the 15th ACM Asia Conference on Computer and Communications Security10.1145/3320269.3384744(610-621)Online publication date: 5-Oct-2020
https://dl.acm.org/doi/10.1145/3320269.3384744
(2018)Robust injection point-based framework for modern applications against XSS vulnerabilities in online social networksInternational Journal of Information and Computer Security10.5555/3270804.327080810:2-3(170-200)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.5555/3270804.3270808
Mitropoulos DStroggylos KSpinellis DKeromytis A(2016)How to Train Your BrowserACM Transactions on Privacy and Security10.1145/293937419:1(1-31)Online publication date: 19-Jul-2016
https://dl.acm.org/doi/10.1145/2939374
Gupta SGupta B(2016)Automated Discovery of JavaScript Code Injection Attacks in PHP Web ApplicationsProcedia Computer Science10.1016/j.procs.2016.02.01478:C(82-87)Online publication date: 1-Mar-2016
https://dl.acm.org/doi/10.1016/j.procs.2016.02.014
Heiderich MNiemietz MSchuster FHolz TSchwenk J(2014)Scriptless attacksJournal of Computer Security10.5555/2699784.269978822:4(567-599)Online publication date: 1-Jul-2014
https://dl.acm.org/doi/10.5555/2699784.2699788
Shahriar HNorth SLee YHu R(2014)Server-side code injection attack detection based on Kullback-Leibler distanceInternational Journal of Internet Technology and Secured Transactions10.5555/2678374.26783775:3(240-261)Online publication date: 1-Oct-2014
https://dl.acm.org/doi/10.5555/2678374.2678377
Li XXue Y(2014)A survey on server-side approaches to securing web applicationsACM Computing Surveys10.1145/254131546:4(1-29)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.1145/2541315
Heiderich MNiemietz MSchuster FHolz TSchwenk JYu TDanezis GGligor V(2012)Scriptless attacksProceedings of the 2012 ACM conference on Computer and communications security10.1145/2382196.2382276(760-771)Online publication date: 16-Oct-2012
https://dl.acm.org/doi/10.1145/2382196.2382276
Show More Cited By

Abstract

Cited By

Index Terms

Recommendations

A Distributed Security Approach against ARP Cache Poisoning Attack

D-ward: source-end defense against distributed denial-of-service attacks

Detecting Insider Theft of Trade Secrets

Comments

Information

Published In

Publisher

Publication History

Author Tag

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations