Detection of Cross-Site Scripting Attack under Multiple Scenarios

Web-application attacks are considered to be one of the major security concerns of a large number of applications, especially those deployed in health care, banking and e-business operations. These applications must involve high security in addition to other application requirements such as friendliness, effectiveness and efficiency in service provided to the end users. In this paper, we focus on security vulnerabilities resulting from generic input validation problems that may cause cross-site scripting (XSS) attacks. We take a look at the types of XSS attacks and current practices for their detection and identify the research issues and challenges. We propose a method for the detection of XSS attacks. The detection method identifies a malicious execution sequence based on the initialized list of-legitimate execution sequences and malicious strings or malicious literals generated during a training phase. The initialized lists are stored into four different Web-Application Execution Profiles (WAEPs) corresponding to four different attack scenarios. The detection module searches the run-time sequence in the respective WAEPs. We test our method for the detection of three different categories of XSS attacks under four different attack scenarios-two in the client side and two in the web-application server. Satisfactory results have been found under all the four scenarios.