期刊名称:International Journal of Engineering and Computer Science
印刷版ISSN:2319-7242
出版年度:2015
卷号:4
期号:8
页码:13777-13780
DOI:10.18535/ijecs/v4i8.27
出版社:IJECS
摘要:Among the Web application vulnerabilities Cross Site Scripting attack is most common attack. It is a kind of attack in which theintruder can able to change the entire code of the process by hooking unnecessary data along with the code of data. It becomes a challengingissue to sanitize every user query form through which the malicious code would be hooked. In this paper a method is proposed, by which theCross site scripting attack on web applications will be considerably reduced. The proposed method provides single solution to various kindsof attacks that is created by the attackers. The main objective is to prevent the attack, by incorporating the data dictionary along with theclient side scripting rather than separate arrangement. Our approach is examined with real web application and results are evaluated. Fromthe experimental results it is analyzed that by using the method, it does not need a very long rule generation or separate data dictionary. Thismethod reduces time complexity, without random generation of input values. The implementation shows that the proposed method workswell for the real time cross site scripting attacks
关键词:Cross Site Scripting attacks; Web Applications; Query Generation; Rules Generation; Data Dictionary; Input Sanitation
