Detecting Cross-Site Scripting Vulnerability and performance comparison using C-Time and E-Time
Journal: International Journal of Advanced Computer Research (IJACR) (Vol.4, No. 15)Publication Date: 2014-06-17
Authors : Urmi Chhajed; Ajay Kumar;
Page : 733-740
Keywords : Content sniffing; XSS; SQL Injection; C-Time; E-Time.;
Abstract
Several works are in progress in the direction of web communication. The major threats are content sniffing, Cross-Site Scripting (XSS) and SQL Injection attacks. In content sniffing data is altered from any unauthorized script. XSS is a variant of this where malicious programs/scripts are executed from the client node for fake presence and steals the data. In SQL injection malicious SQL statements are inserted to monitor the database from the outside environment. The main aim of this paper is to detect the XSS attack and prevent the data from the final alteration. For this we are considering two types of time evaluation. First time is time to translating JSP script to java programs for data sending which is called C-Time and second time is for identification of vulnerable outputs that is called E-Time. Based on the timing comparison we will prove that our methodology has better detection in comparison to the traditional system.
Other Latest Articles
- Attack Penetration System for SQL Injection
- Tessent BSCAN Insertion on 28nm SOC
- Low Power State Retention Technique for CMOS VLSI Design
- Digital Watermarking for Medical Images using Biorthogonal Wavelet Filters and Transformed Watermark Embedding
- Classifications of Cybercrimes-Based Legislations: A Comparative Research between the UK and KSA
Last modified: 2014-12-18 15:07:20