Abstract

Cross-site scripting (XSS) is one of the major threats to web application security, and research is still underway into an effective and useful way to analyse the source code of web applications and remove this threat. XSS occurs when malicious scripts are injected into a web application, and it can lead to significant violations at the site or for the user. Several solutions have been recommended for its detection. However, their results do not appear to be effective enough to resolve the issue. This paper recommends a methodology for detecting XSS in PHP web applications using a genetic algorithm (GA) and static analysis. The methodology enhances earlier approaches to determining XSS vulnerability in web applications by eliminating the infeasible paths from the control flow graph (CFG). This aids in reducing the false positive rate in the outcomes. The experimental results indicate that our methodology is more effective at detecting XSS vulnerability in PHP web applications than earlier studies, in terms of the false positive rates and the concrete susceptible paths determined by the GA generator.

Highlights

  • Software systems have been deployed to the public with unexpected security holes

  • The results show that the proposed genetic algorithm (GA) generator is better than the GA generator designed by Moataz and Fakhreldin [10], which presents a high false positive rate in its results for the detection of Stored and Reflected XSS vulnerabilities

  • This paper formulated security testing for XSS vulnerabilities as a search optimization approach, with the objective of eliminating the threat arising from XSS vulnerabilities in PHP web applications


Summary

Introduction

Software systems have been deployed to the public with unexpected security holes. The reason for these security holes is mainly the short time frame of the program's development [1]. Research on program security is recent, and effective solutions are in high demand because of the importance of creating programs that are secure and less vulnerable to attacks [2,3]. Cross-site scripting (XSS) vulnerabilities, exploited by injecting malicious scripts into web applications, are one of the most common security problems in web applications [4,5]. The problem of XSS vulnerabilities in web applications still persists [7].
