Victim's Browser Research Articles

Cross-Site Scripting Attack Detection and Removal using Ant Colony Optimization Approach

Nowadays many web sites makes extensive use of client side scripts and offer numerous features that contribute rich content to enhance the user experience. This trend makes the web developers fail to sanitize user inputs properly and increase the frequency of cross-site scripting attack (XSS). In Cross-site scripting an attacker causes a victim's browser to execute the malicious code with the privileges of a trusted host. Hence we have proposed a Ant colony approach to detect and prevent XSS attacks. At first a web page is scanned for the attack prone html attributes and the nodes are referred to as sensitive links. The Ant during their travel classifies the paths as vulnerable or most vulnerable according to their strength. Hence such paths are then replaced using ESAPI rules to prevent attack.

Information Theoretic XSS Attack Detection in Web Applications

Cross-Site Scripting (XSS) has been ranked among the top three vulnerabilities over the last few years. XSS vulnerability allows an attacker to inject arbitrary JavaScript code that can be executed in the victim's browser to cause unwanted behaviors and security breaches. Despite the presence of many mitigation approaches, the discovery of XSS is still widespread among today's web applications. As a result, there is a need to improve existing solutions and to develop novel attack detection techniques. This paper proposes a proxy-level XSS attack detection approach based on a popular information-theoretic measure known as Kullback-Leibler Divergence (KLD). Legitimate JavaScript code present in an application should remain similar or very close to the JavaScript code present in a rendered web page. A deviation between the two can be an indication of an XSS attack. This paper applies a back-off smoothing technique to effectively detect the presence of malicious JavaScript code in response pages. The proposed approach has been applied for a number of open-source PHP web applications containing XSS vulnerabilities. The initial results show that the approach can effectively detect XSS attacks and suffer from low false positive rate through proper choice of threshold values of KLD. Further, the performance overhead has been found to be negligible.

Flow stealing: A well-timed redirection attack

In this work, we present a Flow Stealing attack, where a victim's browser is redirected in the middle of a browsing session. We detail two attack scenarios. The first is redirecting the victim's browser as it moves from a store to a payment provider,