Poster: a path-cutting approach to blocking XSS worms in social web networks


Worms exploiting JavaScript XSS vulnerabilities rampantly infect millions of webpages, to the ire of their helpless users. To date, users of all of the popular social networks, including Facebook, MySpace, Orkut and Twitter, have been vulnerable to XSS worms. We propose PathCutter as a new approach to severing the self-propagation path of JavaScript worms. PathCutter works by blocking two critical steps in the propagation path of an XSS worm: (i) DOM access to different views at the client side and (ii) unauthorized HTTP requests to the server. As a result, even when an XSS vulnerability is successfully exercised at the client, the XSS worm is prevented from propagating to the would-be victim's own social network page. PathCutter is effective against all current forms of XSS worms, including those that exploit traditional XSS, DOM-based XSS and content-sniffing XSS vulnerabilities. We demonstrate PathCutter on WordPress and perform a preliminary evaluation against a proof-of-concept JavaScript worm.

DOI: 10.1145/2046707.2093483

Cite this paper

@inproceedings{Cao2011PosterAP,
  title     = {Poster: a path-cutting approach to blocking XSS worms in social web networks},
  author    = {Yinzhi Cao and Vinod Yegneswaran and Phillip A. Porras and Yan Chen},
  booktitle = {ACM Conference on Computer and Communications Security},
  year      = {2011}
}