Dynamic Web Application Analysis for Cross Site Scripting Detection

@inproceedings{Engelmann2007DynamicWA,
  title={Dynamic Web Application Analysis for Cross Site Scripting Detection},
  author={Bj{\"o}rn Engelmann},
  year={2007}
}
Though cross site scripting (XSS) is essentially a server-side problem, in most cases users are the one who suffer. Additionally, most Anti-XSS measures developed so far are requiring either a major customization effort or modifications in the Web Application. This thesis presents a general XSS detector able to automatically derive all required Web Application specific knowledge. Data-mining techniques are employed to analyse Web Applications in a script-focused way, which only necessitates… CONTINUE READING
1 Citations
28 References
Similar Papers

Citations

Publications citing this paper.

References

Publications referenced by this paper.
Showing 1-10 of 28 references

httpOnly Firefox Add-on“, version 0.5, Website, https://addons

  • Stefan Esser
  • 2007
Highly Influential
20 Excerpts

noscript Firefox Add-on“, version 1.1.6.16, Website, https://addons

  • Giorgio Maone
  • 2007
Highly Influential
20 Excerpts

URLRewritingNet.URLRewrite Documentation“, revision

  • Albert Weinert, Thomas Brandt
  • http://www.urlrewriting.net/download…
  • 2006
Highly Influential
3 Excerpts

Vulnerability Type Distribution in CVE“, Common Weakness Enumeration, version 1.1, technical white

  • Steve Christey, Robert A. Martin
  • http://cwe.mitre. org/documents/vuln-trends/index…
  • 2007
Highly Influential
3 Excerpts

Web Application Security Statistics“, Web Application Security Consortium, Website, December 2006, http://www.webappsec.org/projects/statistics

  • Michael Sutton, Jeremiah Grossman, Sergey Gordeychik, Mandeep Khera
  • 2007
Highly Influential
2 Excerpts

DOM Based Cross Site Scripting or XSS of the Third Kind“, Website, http://www.webappsec.org/projects/articles/071105.shtml

  • Amit Klein
  • 2007
1 Excerpt

Similar Papers

Loading similar papers…