A survey on detection techniques to prevent cross-site scripting attacks on current web applications

Joaquin Garcia-Alfaro; Guillermo Navarro-Arribas

doi:10.1007/978-3-540-89173-4_24

A survey on detection techniques to prevent cross-site scripting attacks on current web applications

Joaquin Garcia-Alfaro, Guillermo Navarro-Arribas

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Security is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models, organizations, and so on. Moreover, critical systems such as those related to health care, banking, or even emergency response, are relying on such applications and services. Web applications must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on the specific problem of preventing crosssite scripting attacks against web applications. We present a study of this kind of attacks, and survey current approaches for their prevention. Applicability and limitations of each proposal are also discussed.

Original language	English
Title of host publication	Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers
Pages	287-298
Number of pages	12
DOIs	https://doi.org/10.1007/978-3-540-89173-4_24
Publication status	Published - 1 Dec 2008
Externally published	Yes
Event	2nd International Workshop on Critical Information Infrastructure Security, CRITIS 2007 - Malaga, Spain Duration: 3 Oct 2007 → 5 Oct 2007

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5141 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	2nd International Workshop on Critical Information Infrastructure Security, CRITIS 2007
Country/Territory	Spain
City	Malaga
Period	3/10/07 → 5/10/07

Keywords

Injection Attacks
Network Security
Software Protection

Access to Document

10.1007/978-3-540-89173-4_24

Cite this

Garcia-Alfaro, J., & Navarro-Arribas, G. (2008). A survey on detection techniques to prevent cross-site scripting attacks on current web applications. In Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers (pp. 287-298). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5141 LNCS). https://doi.org/10.1007/978-3-540-89173-4_24

Garcia-Alfaro, Joaquin ; Navarro-Arribas, Guillermo. / A survey on detection techniques to prevent cross-site scripting attacks on current web applications. Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers. 2008. pp. 287-298 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{45af7b84f29b406cbc3275b46a840e6e,

title = "A survey on detection techniques to prevent cross-site scripting attacks on current web applications",

abstract = "Security is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models, organizations, and so on. Moreover, critical systems such as those related to health care, banking, or even emergency response, are relying on such applications and services. Web applications must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on the specific problem of preventing crosssite scripting attacks against web applications. We present a study of this kind of attacks, and survey current approaches for their prevention. Applicability and limitations of each proposal are also discussed.",

keywords = "Injection Attacks, Network Security, Software Protection",

author = "Joaquin Garcia-Alfaro and Guillermo Navarro-Arribas",

year = "2008",

month = dec,

day = "1",

doi = "10.1007/978-3-540-89173-4\_24",

language = "English",

isbn = "3540890955",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "287--298",

booktitle = "Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers",

note = "2nd International Workshop on Critical Information Infrastructure Security, CRITIS 2007 ; Conference date: 03-10-2007 Through 05-10-2007",

}

Garcia-Alfaro, J & Navarro-Arribas, G 2008, A survey on detection techniques to prevent cross-site scripting attacks on current web applications. in Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5141 LNCS, pp. 287-298, 2nd International Workshop on Critical Information Infrastructure Security, CRITIS 2007, Malaga, Spain, 3/10/07. https://doi.org/10.1007/978-3-540-89173-4_24

A survey on detection techniques to prevent cross-site scripting attacks on current web applications. / Garcia-Alfaro, Joaquin; Navarro-Arribas, Guillermo.
Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers. 2008. p. 287-298 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5141 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A survey on detection techniques to prevent cross-site scripting attacks on current web applications

AU - Garcia-Alfaro, Joaquin

AU - Navarro-Arribas, Guillermo

PY - 2008/12/1

Y1 - 2008/12/1

N2 - Security is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models, organizations, and so on. Moreover, critical systems such as those related to health care, banking, or even emergency response, are relying on such applications and services. Web applications must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on the specific problem of preventing crosssite scripting attacks against web applications. We present a study of this kind of attacks, and survey current approaches for their prevention. Applicability and limitations of each proposal are also discussed.

AB - Security is becoming one of the major concerns for web applications and other Internet based services, which are becoming pervasive in all kinds of business models, organizations, and so on. Moreover, critical systems such as those related to health care, banking, or even emergency response, are relying on such applications and services. Web applications must therefore include, in addition to the expected value offered to their users, reliable mechanisms to ensure their security. In this paper, we focus on the specific problem of preventing crosssite scripting attacks against web applications. We present a study of this kind of attacks, and survey current approaches for their prevention. Applicability and limitations of each proposal are also discussed.

KW - Injection Attacks

KW - Network Security

KW - Software Protection

U2 - 10.1007/978-3-540-89173-4_24

DO - 10.1007/978-3-540-89173-4_24

M3 - Conference contribution

AN - SCOPUS:77953704942

SN - 3540890955

SN - 9783540890959

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 287

EP - 298

BT - Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers

T2 - 2nd International Workshop on Critical Information Infrastructure Security, CRITIS 2007

Y2 - 3 October 2007 through 5 October 2007

ER -

Garcia-Alfaro J, Navarro-Arribas G. A survey on detection techniques to prevent cross-site scripting attacks on current web applications. In Critical Information Infrastructures Security - Second International Workshop, CRITIS 2007, Revised Papers. 2008. p. 287-298. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-89173-4_24

A survey on detection techniques to prevent cross-site scripting attacks on current web applications

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this