Abstract

This article presents an enhanced JavaScript feature-injection based framework that obstructs the execution of cross-site scripting (XSS) worms from the virtual machines of cloud-based online social network (OSN). It calculates the features of clustered-sanitised compressed templates of JavaScript attack vectors embedded in the HTTP response messages. Any variation observed in such JavaScript feature set indicates the injection of XSS worms on the cloud-based OSN server. The injected worms will further undergo through the process of nested context-aware sanitisation for its safe interpretation on the web browser. The prototype of our framework was developed in Java and installed in the virtual machines of cloud environment. The experimental evaluation of our framework was performed on the platform of OSN-based web applications deployed in the cloud platform. The performance analysis done revealed that our framework detects the injection of malicious JavaScript code with low false negative rate and acceptable performance overhead.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Nested context-aware sanitisation and feature injection in clustered templates of JavaScript worms on the cloud-based OSN
Shashank Gupta ... Pooja Chaudhary
International Journal of Information and Computer Security | VOL. 12
Shashank Gupta, et. al.Shashank Gupta ... Pooja Chaudhary
01 Jan 2020
Alleviating the proliferation of JavaScript worms from online social network in cloud platforms
Shashank Gupta ... B B Gupta
-
Shashank Gupta, et. al.Shashank Gupta ... B B Gupta
01 Apr 2016
WebMTD
Amirreza Niakanlahiji ... Jafar Haadi Jafarian
-
Amirreza Niakanlahiji, et. al.Amirreza Niakanlahiji ... Jafar Haadi Jafarian
30 Oct 2017
SFC: A Three Layer Smart Phone-Fag-Cloud Framework for Defending Against JavaScript Code Injection Vulnerabilities on OSN
Shashank Gupta ... B B Gugta
-
Shashank Gupta, et. al.Shashank Gupta ... B B Gugta
01 Jan 2018
View more papers

More From: International Journal of Information and Computer Security

Paper Title
Journal
Date
Author
A taxonomy of DDoS attacks and its impact on Docker architecture
Sushant Chamoli ... Varsha Mittal
International Journal of Information and Computer Security | VOL. 23
Sushant Chamoli, et. al.Sushant Chamoli ... Varsha Mittal
01 Jan 2024
Machine Learning and Deep Learning Techniques for Detecting and Mitigating Cyber Threats in IoT-Enabled Smart Grids: A Comprehensive Review
Siddharth Chauhan ... Kamlesh Dutta
International Journal of Information and Computer Security | VOL. 1
Siddharth Chauhan, et. al.Siddharth Chauhan ... Kamlesh Dutta
01 Jan 2024
Machine learning and deep learning techniques for detecting and mitigating cyber threats in IoT-enabled smart grids: a comprehensive review
Aschalew Tirulo ... Kamlesh Dutta
International Journal of Information and Computer Security | VOL. -
Aschalew Tirulo, et. al.Aschalew Tirulo ... Kamlesh Dutta
01 Jan 2024
Generating key-dependent involutory MDS matrices through permutations, direct exponentiation, and scalar multiplication
Hoang Dinh Linh ... Tran Thi Luong
International Journal of Information and Computer Security | VOL. 1
Hoang Dinh Linh, et. al.Hoang Dinh Linh ... Tran Thi Luong
01 Jan 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.