Abstrato

DEFENDING AGAINST WEB VULNERABILITIES AND CROSS-SITE SCRIPTING

T.Venkat Narayana Rao, V. Tejaswini ,K..Preethi

Researchers have devised multiple solutions to cross-site scripting, but vulnerabilities persists in many Web applications due to developer‟s lack of expertise in the problem identification and their unfamiliarity with the current mechanisms. As proclaimed by the experts, cross-site scripting is among the serious and widespread threats in Web applications these days more than buffer overflows. Recent study shows XSS has ranked first in the MITRE Common Weakness Enumeration (CWE)/SANS Institute list of Top 25 Most Dangerous Software Errors and second in the Open Web Application Security Project (OWASP). However, vulnerabilities continue to exist in many Web applications due to developers‟ lack of understanding of the problem and their unfamiliarity with current guarding strengths and limitations. Existing techniques for defending against XSS exploits suffer from various weaknesses: inherent limitations, incomplete implementations, complex frameworks, runtime overhead, and intensive manual-work requirements. Security researchers can address these weaknesses from two different perspectives. They need to look beyond current techniques by incorporating more effective input validation and sanitization features. In time, development tools will incorporate security frameworks such as ESAPI that implement state-of-the-art technology. This paper focus on program verification perspective, how researchers must integrate program analysis, pattern recognition, concolic testing, data mining, and AI algorithms to solve different software engineering problems and to enhance the effectiveness of vulnerability detection. Focus on such issues would improve the precision of current methods by acquiring attack code patterns from outside experts as soon as they become available.

Isenção de responsabilidade: Este resumo foi traduzido usando ferramentas de inteligência artificial e ainda não foi revisado ou verificado

Indexado em

Google Scholar
Academic Journals Database
Open J Gate
Academic Keys
ResearchBible
CiteFactor
Electronic Journals Library
RefSeek
Hamdard University
Scholarsteer
International Innovative Journal Impact Factor (IIJIF)
International Institute of Organised Research (I2OR)
Cosmos

Veja mais