Review of XSS Attack and Detection on Web Applications
Authors
Wen-bing ZHAO, Dan WANG, Zhi-ming DING
Corresponding Author
Wen-bing ZHAO
Available Online December 2016.
- DOI
- 10.2991/cnct-16.2017.111How to use a DOI?
- Keywords
- XSS Attack, Vulnerability Detection, Web Application Style.
- Abstract
Aiming at the difficulties to prevent Web applications to be maliciously injected which are increased by all kinds of dynamic Web technologies applied, concentrate on XSS attack, this paper reviews the research progresses of Web application injection vulnerabilities detection in recent years. It summarizes the classification and causes of the XSS injection security vulnerabilities, analyzes the complexity of security vulnerabilities detection; then proposes the key technologies of the existing detection approached, including analyzing and identifying the injection points, injection detection by software analysis and testing, symbolic execution, taint analysis; finally presents its future development direction.
- Copyright
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Wen-bing ZHAO AU - Dan WANG AU - Zhi-ming DING PY - 2016/12 DA - 2016/12 TI - Review of XSS Attack and Detection on Web Applications BT - Proceedings of the International Conference on Computer Networks and Communication Technology (CNCT 2016) PB - Atlantis Press SP - 798 EP - 804 SN - 2352-538X UR - https://doi.org/10.2991/cnct-16.2017.111 DO - 10.2991/cnct-16.2017.111 ID - ZHAO2016/12 ER -