Das et al., 2015 - Google Patents
Detection of cross-site scripting attack under multiple scenariosDas et al., 2015
- Document ID
- 1837523523518675792
- Author
- Das D
- Sharma U
- Bhattacharyya D
- Publication year
- Publication venue
- The Computer Journal
External Links
Snippet
Web-application attacks are considered to be one of the major security concerns of a large number of applications, especially those deployed in health care, banking and e-business operations. These applications must involve high security in addition to other application …
- 238000001514 detection method 0 title abstract description 65
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Abikoye et al. | A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm | |
| Gupta et al. | Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network | |
| Nunan et al. | Automatic classification of cross-site scripting in web pages using document-based and URL-based features | |
| US8347392B2 (en) | Apparatus and method for analyzing and supplementing a program to provide security | |
| Choudhary et al. | CIDT: Detection of malicious code injection attacks on web application | |
| Nagpal et al. | SECSIX: security engine for CSRF, SQL injection and XSS attacks | |
| Das et al. | Detection of cross-site scripting attack under multiple scenarios | |
| China | NoSQL injection: Data security on web vulnerability | |
| Falana et al. | Detection of cross-site scripting attacks using dynamic analysis and fuzzy inference system | |
| George et al. | Token based detection and neural network based reconstruction framework against code injection vulnerabilities | |
| IŞiker et al. | Machine learning based web application firewall | |
| Lamba | Analysing sanitization technique of reverse proxy framework for enhancing database-security | |
| Vijayalakshmi et al. | Case Study: extenuation of XSS attacks through various detecting and defending techniques | |
| Papaspirou et al. | A tutorial on cross-site scripting attack: defense against online social networks | |
| Kaur | Study of cross-site scripting attacks and their countermeasures | |
| Futoransky et al. | A dynamic technique for enhancing the security and privacy of web applications | |
| Kalim et al. | Novel Detection Technique For Framejacking Vulnerabilities In Web Applications | |
| Barhoom et al. | A new server-side solution for detecting cross site scripting attack | |
| Payet et al. | Ears in the wild: large-scale analysis of execution after redirect vulnerabilities | |
| Maini et al. | Automated web vulnerability scanner | |
| Alenzi et al. | A defensive framework for reflected xss in client-side applications | |
| Zhang et al. | An automated composite scanning tool with multiple vulnerabilities | |
| Sivaraman et al. | Detecting and fixing sql injection and cross-site scripting vulnerabilities in web applications | |
| Akram et al. | Defense Mechanism Using Multilayered Approach and SQL Injection Methods for Web Based Attacks | |
| George et al. | A proposed framework against code injection vulnerabilities in online applications |