Cross-site Scripting Research Articles

Development of Mathematical Algorithm for Detecting XSS Attacks on Web Applications

The widespread usage of web applications has led to an increase in security threats, with Cross-Site Scripting (XSS) attacks being one of the most prevalent and damaging. Detecting and mitigating XSS attacks is crucial to ensure the integrity and confidentiality of sensitive user data. This article presents the mathematical algorithm and a way to identify XSS attacks using a bounded function from below, which depends on the input string, and highlights its potential impact in bolstering web application security. To construct this function, we used special characters and keywords that are frequently found in the construction of XSS attacks.

XSShield: A Novel Dataset and Lightweight Hybrid Deep Learning Model for XSS Attack Detection

With the proliferation of web applications, cross-site scripting (XSS) attacks have increased significantly and now pose a significant threat to users' information security and privacy. To enhance the efficiency of XSS attack detection, the adoption of machine learning (ML) and deep learning (DL) techniques offers promising solutions, but their effectiveness is limited by the lack of comprehensive and diverse datasets. Moreover, existing approaches often prioritize detection accuracy over real-time processing capabilities, which are essential for effective defense. To address these challenges, in this paper, we propose a novel framework that automatically collects web resources, efficiently extracts informative features, and constructs an up-to-date XSS attack dataset, which is then used to train a machine learning-based XSS detection model. Using this framework, we created and published a well-structured dataset over 100,000 samples for the research community. Furthermore, we present a hybrid detection model that leverages the strengths of both Convolutional Neural Networks (CNNs) and Long Short-Term Memory (LSTM) networks. Extensive evaluations of our dataset demonstrate that the proposed model outperforms other baseline ML models across various metrics, including processing rate. Notably, our model achieves an accuracy of 99.27% while maintaining a low false positive rate of 0.06% and high processing rate of exceeding 1000 samples per second. These results highlight its high accuracy and robustness in detecting XSS, and suitability for real-time applications. Our work presents a comprehensive solution for enhancing web application security by providing a diverse dataset and a high-accuracy detection model with low latency.

Security Analysis of Village Website Against Cross-Site Scripting Attacks

Security Analysis of Village Website Against Cross-Site Scripting Attacks

Cybercrime and the Necessity of Self-Protection in Fighting Cyber-Attacks

A cyberattack is an attack initiated from a computer against a website, computer system, or individual computer … that compromises the confidentiality, integrity, or availability of the computer or information stored on it. Every man’s activity nowadays is guarded, controlled, and directed majorly by the internet. The internet which seeks to connect individuals and corporate bodies has no doubt been infiltrated by bandwagons of internet fraudsters, cyber attackers, and computer programmers who have fashioned out so many means of attacking internet users like phishing, writing virus codes, installing rootkits, cross-site scripting and a host of others which in turn causes damages by stealing private personal data, attacking companies and their websites, attacking corporate entities, and organizations, etc. There’s equally no doubt to the fact that all these attacks by whatever mode always affect the receiver of the attack ineptly and in so many cases, lead to the loss of some personal data, private documents, and some others in monetary terms/values. It has become so important that individuals and corporate entities adopt various strategies and devise means to protect and guard themselves against cyberattacks. This article seeks to explain the concept of self-protection by identifying some types of cyber threats and explaining various ways by which individuals and bodies can protect themselves on the internet against cyberattacks thereby ensuring cyber security.

XSSer: hybrid deep learning for enhanced cross-site scripting detection

XSSer: hybrid deep learning for enhanced cross-site scripting detection

AUDIT DAN ANALISIS WEBSITE PEMERINTAH MENGGUNAKAN PENGUJIAN PENETRASI SQL INJECTION DAN CROSS SITE SCRIPTING (XSS)

This study aims to analyze the security of government websites, focusing on vulnerabilities caused by SQL Injection and Cross Site Scripting (XSS) attacks. In accordance with Presidential Instruction No. 3 of 2003 on National Policy and Strategy for E-Government Development, government agencies are required to provide digital services through official websites. However, this increase in digitalization presents challenges in the context of cybersecurity. The research applies penetration testing methods to several government websites in East Java, using the OWASP Top 10 as the primary guide. The results reveal that many government websites are vulnerable to SQL Injection and XSS attacks, which could lead to data theft and information manipulation. Recommendations for enhancing security include implementing input validation techniques and regularly updating software. This research contributes to raising cybersecurity awareness in the governmental sector.

Defending Against Modern Web Attacks: Strategies for Safeguarding User Identities and Data

Abstract: Organizations must adopt a comprehensive approach to safeguard user identities and sensitive data in the face of increasingly sophisticated web-based attacks. This article presents a multi-faceted strategy for defending against modern web threats, addressing key aspects such as phishing prevention, secure authentication mechanisms, protection against cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks, browser and endpoint security, web application security best practices, and the implementation of a Zero Trust security model. By examining the current landscape of web-based threats and providing actionable recommendations, this article aims to empower organizations with the knowledge and tools necessary to combat evolving cyber threats effectively. The proposed defensive measures encompass user awareness and education, robust technical controls, secure coding practices, and adopting technologies such as multi-factor authentication, biometric authentication, web application firewalls, and browser isolation techniques. Additionally, the article emphasizes the importance of a proactive approach to incident response and threat intelligence, enabling organizations to swiftly detect, contain, and mitigate web-based attacks. By implementing these strategies, organizations can significantly enhance their resilience against modern web threats, safeguarding user identities, protecting sensitive data, and maintaining a secure online presence in an increasingly hostile digital environment

Development of Detection and Mitigation of Advanced Persistent Threats Using Artificial Intelligence and Multi-Layer Security on Cloud Computing Infrastructure

This research proposes a novel approach for detecting and mitigating Advanced Persistent Threats (APTs) in cloud computing infrastruc ture, offering more comprehensive protection compared to previous methods. By integrating detection and mitigation, this study addresses the shortcomings of prior research that focused solely on detection. Based on the conducted research, Artificial Intelligence (AI) detected Cross-Site Scripting (XSS) attacks with an accuracy of 0.9951, SQL Injection (SQLI) at 0.9964, and Remote Code Execution (RCE) at 0.9876. In trials against new attacks, the detection success rates reached 70% for XSS, 98% for SQLI, and 100% for RCE. During the deployment phase, the system successfully identified 23.040 out of 108.394 requests as XSS attacks, 2.684 out of 128.750 as SQLI attacks, and 1.135 out of 46.450 as RCE attacks. The detection and mitigation methods were directly tested on cloud server experiencing APT attacks. The daily attacks on the server reached 1.980, with 663.000 requests. Additionally, the number of attacks directed at authentication or sensitive pages reached 17.913.701. Attack mitigation was tested through seven layers of security, including DNS Protection, Config Server Firewall (CSF), OWASP ModSecurity, HTTP middleware, data filter or sanitizer, template engine, and manual mitigation successfully blocking million of persistent attacks. The DNS protection layer successfully mitigated 59,000 out of a total of 19 million requests. The CSF layer mitigated 173 sources IP of DDoS attacks. The ModSecurity layer mitigated 17,916,204 attacks. All attacks were successfully mitigated before reaching the HTTP Middleware stage or next layer. The use of NIST 2.0 standards helps manage security risks through identification, protection, detection, response, and recovery. Test results indicate that this multi-layered system is more efficient and effective in detecting and mitigating attacks compared to traditional methods. However, the complexity of implementation and maintenance poses challenges that must be addressed. This research significantly contributes to a more adaptive and sustainable cybersecurity strategy.

Controlling user access with scripting to mitigate cyber-attacks

With the growing threats in the dynamic digital landscape, organizations are grappling with the difficult task of managing cyber-attacks by restricting user accessibility to most communication systems. This study aimed to develop a Linux script as a proactive response to the growing of cyber-attacks in organizational settings to prevent attacking vectors based on user negligence. The primary objective was to devise inventive solutions through script automation to restrict user access to the organizational network within predefined time frames, thereby mitigating potential cyber threats. The criteria used to define predefined time frames for user access, include the restriction of users on off duty times, The scripting seeks to address cyber-attacks targeted such as cross-site scripting (XSS) and SQL injection. To achieve the goal of this paper, the necessary steps and logic required to develop the scripts were taken. For instance, there are several suitable languages such as Bash, Python, or Perl, that can be used to write script. The paper selected Bash because it excels at scripting existing command-line tools and utilities, making it a great choice for automating tasks by using Vim text editor tool. The final scripts were run, some errors were identified, and modified as needed to ensure it worked correctly. This phase was necessary to improve the script's performance, readability, and maintainability by refining code, using efficient algorithms, by incorporating best practices. Finally, the various user inputs and scenarios were deployed to put the script into production for user access management. The adopted script metrics deployed such as Script Execution Time, Resources Utilization, Success Rate and Error Rate helped in evaluating the performance, efficiency, and effectiveness of the scripts. The implementation of the script achieved an executive time of 0.032 s, success rate was 1 and error rate was 0. The practical implementation in organizations can be scaled up or down depending on the organization's size and infrastructure. The compatibility of the developed Linux script with different operating systems, hardware platforms and network architectures will have no impact in adapting to various organizational environments. The script did not show any challenges, but real-world deployment may exhibit some potential challenges and limitations that may be associated with implementing the solution, such as resource constraints and legacy system compatibility.

Web of Threats: A Comprehensive Analysis of Various Injection Attacks on Web Application Software

With the ever-increasing reliance on software systems for critical functions across various domains, the threat landscape has evolved to exploit vulnerabilities within these systems. This research paper explores the clandestine domain of software injection attacks, presenting a comprehensive analysis of their methodologies and severity. The study begins by providing an in-depth exploration of various software injection techniques, such as SQL injection, cross-site scripting (XSS), and code injection etc elucidating the mechanisms through which attackers exploit vulnerabilities to compromise the integrity and confidentiality of sensitive data. Through a detailed examination of Dynamic Application Security Testing reports of different websites over the past two years, the paper sheds light on the diverse ways in which software injection attacks have been employed to compromise systems in different industries. This research paper provides a holistic understanding of software injection attacks, aiming to raise awareness among developers, security practitioners, and policymakers about the gravity of this threat. By elucidating the intricacies of these attacks and proposing effective countermeasures, the paper contributes to the ongoing efforts to bolster the resilience of software systems against evolving cyber threats.

Assessment of Vulnerabilities in Student Records Web-Based Systems for Public and Private Higher Learning Institutions in Tanzania

In spite that HLIs in Tanzania use web-based systems for managing, storing and processing of HLIs information and data such as website contents, academic results and financial records. The HLIs web-based system have been compromised by attackers due to presence of vulnerabilities. The main objective of this study is to assess the vulnerabilities of Students Records Web-based Systems (SRWBS) for private and public Higher Learning Institutions (HLIs) in Tanzania using black-box testing methodology by employing two automatic vulnerability scanners namely OWASP ZAP (Open Webs Application Security Project Zed Attack Proxy; open-source tool) and Acunetix (proprietary tool). This study assesses the vulnerability of SRWBS for 3 private HLIs and 5 public HLIs in Tanzania. The results reveal the total of 29 vulnerabilities which include but are not limited to Broken Authentication and Session Management, Broken Access Control, Security Misconfiguration, Sensitive Data Exposure, Vulnerable JS (Java Script) Libraries, CSRF (Cros Site Request Forgery), Using Components with Known Vulnerabilities, XSS (Cross Site Script), DOM (Document Object Model) based XSS and Reflected XSS. SRWBS of public HLIs were found more vulnerable by average 44.2% than the SRWBS of private HLIs which were vulnerable by average of 37%. Based on these results, this study provides some recommendations for mitigating vulnerabilities and improving the security of SRWBS for private and public HLIs in Tanzania.

Security Analysis of Web-Based Academic Information System using OWASP Framework

A The Academic Information System plays a crucial role in efficiently managing student, faculty, and campus administration data. However, system security needs to be a primary concern as it is vulnerable to cyber attacks. This research aims to analyze the security of the Academic Information System at the Muhammadiyah Business Institute Bekasi. The research method used is a comprehensive security analysis based on the OWASP framework. The study includes identifying potential vulnerabilities, penetration testing, and system improvement recommendations. Testing is conducted through simulated attacks based on the OWASP-released security risk list (OWASP Top Ten Most Critical Web Application Security Risks). The analysis results indicate that the system is vulnerable to Broken Authentication due to weak passwords, Sensitive Data Exposure due to URLs pointing to direct directories, and Security Misconfiguration due to open protocols. Furthermore, in CVSS scoring, SQL Injection scored 2.6 (Low), Broken Authentication scored 4.8 (Medium), Sensitive Data Exposure and Security Misconfiguration scored 5.3 (Medium), Cross-Site Scripting scored 2.0 (Low), while XXE, Broken Access Control, Insecure Deserialization, Using Components with Known Vulnerabilities, and Insufficient Logging and Monitoring scored 0.0 (No Vulnerability). Recommendations for future system improvements include regularly updating the system to prevent new security vulnerabilities, tighter server configurations, and routine system monitoring to promptly anticipate suspicious activities.

SAST Tools and Manual Testing to Improve the Methodology of Vulnerability Detection in Web Applications

Statically analyzing code during development is a common process of the development process, using Static Application Security Testing tools. SAST analyzes code without its execution and is also very fast compared to dynamic means and therefore focuses on a certain program part. However, the results of static analysis tools are not always accurate, either missing vulnerabilities or reporting false positives. This paper considers an evaluation of several SAST tools and an analysis of student code samples with known vulnerabilities, comparing manual analysis with the results of SAST tools. The results confirmed that SAST tools properly identify critical vulnerabilities and provide errors. A tool has identified ShiftLeft as the most efficient tool; however, its findings overlapped with the results of other tools for some applications. In addition, an analysis of student projects showed the most frequent vulnerabilities as Cross-site Scripting (XSS), NoSQL/SQL Injection, and Server-Side Request Forgery (SSRF) which make up more than 52% of the found vulnerabilities.

Optimized Bayesian regularization-back propagation neural network using data-driven intrusion detection system in Internet of Things

ABSTRACT Nowadays, the network intrusion and cyberattack have emerged as the two main issues with Internet of Things (IoT) applications. The existing methods for preventing and detecting intrusions are limited in many ways, making it impossible to accurately identify any kind of attack occurring within network traffic. A number of machine learning-based methods that attains poor performance in the multiple class categorization accuracy are provided by the researchers. This research presents Data-Driven Intrusion Detection System in Internet of Things utilizing Optimized Bayesian Regularization-Back Propagation Neural Network (DIDS-BRBPNN-BBWOA-IoT) to overcome these issues. The input data is taken from TON_IoT Dataset. The data balancing of the training dataset is enhanced using Class decomposition and synthetic minority class oversampling method (CDSMOTE). Then, the data is pre-processed using Variational Bayesian-based Maximum Correntropy Cubature Kalman Filtering (VBMCCKF) of noise removal and data enhancement. The preprocessed output is given into feature extraction to extract features by using Dual-Tree Biquaternion Wavelet Transform (DTBWT). The extracted features are fed into Bayesian Regularization-Back Propagation Neural Network (BRBPNN) which detects the intrusion as Ransomware, Password attack, Scanning, Denial of Service (DoS), Distributed Denial of Service (DDoS), Data injection, Backdoor, Cross-Site Scripting (XSS), and Man-In-The-Middle (MITM). In general, BRBPNN does not show any optimization adaption methods to determine the optimal parameter for appropriate detection. Hence, Binary Black Widow Optimization Algorithm (BBWOA) is proposed in this manuscript to improve the BRBPNN classifier that detects intrusion precisely. The proposed DIDS-BRBPNN-BBWOA-IoT method is implemented using Python. The performance of the DIDS-BRBPNN-BBWOA-IoT approach is examined using performance metrics like accuracy, precision, recall, f1-score, specificity, error rate; computation time, and ROC. The proposed SAPVAEGAN-LCC-IR approach attains 18.44%, 26% ,and 29% greater accuracy; 26.55%, 24.12%, and 27.22% greater recall compared with existing MIDS-MIoT, AID-SDN-IoT, and IID-LW-IoT techniques.

Advancing XSS Detection in IoT over 5G: A Cutting-Edge Artificial Neural Network Approach

The rapid expansion of the Internet of Things (IoT) and the advancement of 5G technology require strong cybersecurity measures within IoT frameworks. Traditional security methods are insufficient due to the wide variety and large number of IoT devices and their limited computational capabilities. With 5G enabling faster data transmission, security risks have increased, making effective protective measures essential. Cross-Site Scripting (XSS) attacks present a significant threat to IoT security. In response, we have developed a new approach using Artificial Neural Networks (ANNs) to identify and prevent XSS breaches in IoT systems over 5G networks. We significantly improved our model’s predictive performance by using filter and wrapper feature selection methods. We validated our approach using two datasets, NF-ToN-IoT-v2 and Edge-IIoTset, ensuring its strength and adaptability across different IoT environments. For the NF-ToN-IoT-v2 dataset with filter feature selection, our Bilayered Neural Network (2 × 10) achieved the highest accuracy of 99.84%. For the Edge-IIoTset dataset with filtered feature selection, the Trilayered Neural Network (3 × 10) achieved the best accuracy of 99.79%. We used ANOVA tests to address the sensitivity of neural network performance to initial conditions, confirming statistically significant improvements in detection accuracy. The ANOVA results validated the enhancements across different feature selection methods, demonstrating the consistency and reliability of our approach. Our method demonstrates outstanding accuracy and robustness, highlighting its potential as a reliable solution for enhancing IoT security in the era of 5G networks.

Machine Learning-Driven Detection of Cross-Site Scripting Attacks

The ever-growing web application landscape, fueled by technological advancements, introduces new vulnerabilities to cyberattacks. Cross-site scripting (XSS) attacks pose a significant threat, exploiting the difficulty of distinguishing between benign and malicious scripts within web applications. Traditional detection methods struggle with high false-positive (FP) and false-negative (FN) rates. This research proposes a novel machine learning (ML)-based approach for robust XSS attack detection. We evaluate various models including Random Forest (RF), Logistic Regression (LR), Support Vector Machines (SVMs), Decision Trees (DTs), Extreme Gradient Boosting (XGBoost), Multi-Layer Perceptron (MLP), Convolutional Neural Networks (CNNs), Artificial Neural Networks (ANNs), and ensemble learning. The models are trained on a real-world dataset categorized into benign and malicious traffic, incorporating feature selection methods like Information Gain (IG) and Analysis of Variance (ANOVA) for optimal performance. Our findings reveal exceptional accuracy, with the RF model achieving 99.78% and ensemble models exceeding 99.64%. These results surpass existing methods, demonstrating the effectiveness of the proposed approach in securing web applications while minimizing FPs and FNs. This research offers a significant contribution to the field of web application security by providing a highly accurate and robust ML-based solution for XSS attack detection.

Finding Vulnerability in Web Application by using Pentesting

Penetration testing, a proactive security measure, is indispensable in fortifying the resilience of web applications against cyber threats. This project explores the efficacy of penetration testing as a means to identify and mitigate vulnerabilities within web applications. By simulating real-world attacks, penetration testing uncovers potential weaknesses in the application’s architecture, codebase, and configurations. Through a systematic approach encompassing reconnaissance, vulnerability analysis, exploitation, and reporting, penetration testing provides invaluable insights for organizations to patch vulnerabilities and bolster their overall security posture. The abstract briefly describes the methodology involved in penetration testing and highlights its significance in mitigating risks and fortifying the security posture of web applications. This project examined further into the effectiveness of penetration testing as a preventative security strategy, uncovering vulnerabilities such as SQL injection and cross-site scripting. The investigation found subtle vulnerabilities in the online application’s architecture, programming, and customizations by painstakingly modeling actual cyberattacks. This thorough investigation gave firms a solid platform on which to strengthen their defenses against changing cyberthreats. The study also demonstrated how crucial penetration testing is for both finding vulnerabilities and enabling quick repair measures. Through thorough reporting, exploitation simulations, vulnerability analysis, and in-depth reconnaissance, the study demonstrated how penetration testing provides useful insights to improve online applications’ overall security posture. In the end, this project emphasizes how crucial penetration testing is to improving the robustness of web applications

Quantifying Vulnerabilities: A Systematic Review of the State-of-the-Art Web-Based Systems

Web-based Systems Vulnerabilities (WSVs) have been existing over a long time in all Open System Interconnection (OSI) layers. WSV tends to affect online business operations by letting attackers to gain unauthorized access. Different researchers have been publishing common WSVs regularly. From the published vulnerabilities, it can be noted that the ranking of vulnerabilities is not static. Prevalence of common vulnerabilities tends to vary with time. Moreover, ranking of vulnerabilities from various practitioners, such as OWASP and CWE, at a particular point in time tends to be different because of different approaches and sources. This work sought to come up with an objective way of establishing the latest ranking of common WSV by conducting a Systematic Literature Review from scholarly sources. This study extracted 127 publications from Scholarly Databases: Association of Computing Machineries, ScienceDirect, Springer, IEEE, and Google scholar. After the review, only 62 articles were considered based on five inclusion and exclusion criteria. The review reveals that cross site script, structured query language injection, broken authentication and session management, operating system command injection and file inclusion are the most common WSV.

Website Penetration Analysis Against XSS Attacks using Payload Method

This research aims to analyze the effectiveness of various penetration testing methods in identifying and mitigating XSS (Cross-Site Scripting) vulnerabilities in web applications. XSS is a type of web security attack that takes advantage of weaknesses in web applications to insert malicious code into web pages displayed to users. This attack can steal user data, take over user sessions, or spread malware. This research uses a penetration testing method with a black-box approach, where the researcher does not know the construction of the system being tested. Tests were conducted on 10 random websites, including 5 open-source websites and 5 commercial websites. The test results show that the payload method used is effective in exploiting XSS vulnerabilities on some websites. Of the 10 websites tested, 6 of them were successfully exploited using different payload methods. This research highlights the importance of using open-source penetration testing tools in detecting and addressing security vulnerabilities in web applications. These tools are easy to implement, supported by extensive documentation, and have a strong community. This research also emphasizes the importance of a deep understanding of how penetration testing tools work to identify and address security vulnerabilities. To address XSS vulnerabilities, this research recommends good programming techniques such as programming language updates, use of OOP (Object-Oriented Programming), MVC (Model-View-Controller) concepts, and use of frameworks. Further research can be done to develop and test new payload methods, explore the use of other penetration testing tools, and test security vulnerabilities in other types of web applications.

Automate the verification of session cookie attributes

In this research, we focus on a critical web security topic, namely the security of session cookies, which play a key role in the functioning of modern web applications. As a standard mechanism for storing data on the client side, cookies are crucial for authentication, authorization and maintaining the state of a user's session. However, despite their necessity and convenience, cookies can also pose serious security risks. Our research focuses on the analysis and automation of cookie attribute verification, which is critical to ensuring protection against various web attacks. Identifying and eliminating weaknesses in cookie attributes can significantly reduce the risk of malicious attacks such as session hijacking, cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. We take an in-depth look at modern methods and tools for securing cookies, including implementing strict policies on cookie attributes such as Secure, HttpOnly, and SameSite. These attributes help to restrict access to cookies from unauthorized use via client-side scripts and provide additional protection against cross-site attacks. In addition, we consider the importance of updating the cookie standard, RFC6265bis, which offers improved security mechanisms, including the SameSite attribute, which allows controlling the sending of cookies during cross-requests, thereby reducing the risk of CSRF attacks. Our research also includes an analysis of potential threats and vulnerabilities associated with the misuse or misconfiguration of cookies, as well as a discussion of strategies to minimize these risks. We demonstrate how detailed automated verification of cookie attributes can significantly improve the security of web applications. The results of the study point to the need to constantly monitor and evaluate the protection of session cookies, as well as the importance of implementing security best practices and standards to ensure the reliability and security of web applications.