ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Detecting Cross-Site Scripting Vulnerability and performance comparison using C-Time and E-Time

Journal: International Journal of Advanced Computer Research (IJACR) (Vol.4, No. 15)

Publication Date:

Authors : ; ;

Page : 733-740

Keywords : Content sniffing; XSS; SQL Injection; C-Time; E-Time.;

Source : Downloadexternal Find it from : Google Scholarexternal

Abstract

Several works are in progress in the direction of web communication. The major threats are content sniffing, Cross-Site Scripting (XSS) and SQL Injection attacks. In content sniffing data is altered from any unauthorized script. XSS is a variant of this where malicious programs/scripts are executed from the client node for fake presence and steals the data. In SQL injection malicious SQL statements are inserted to monitor the database from the outside environment. The main aim of this paper is to detect the XSS attack and prevent the data from the final alteration. For this we are considering two types of time evaluation. First time is time to translating JSP script to java programs for data sending which is called C-Time and second time is for identification of vulnerable outputs that is called E-Time. Based on the timing comparison we will prove that our methodology has better detection in comparison to the traditional system.

Last modified: 2014-12-18 15:07:20