International Research Journal of Engineering and Technology (IRJET) Volume: 04 Issue: 03 | Mar -2017
www.irjet.net
e-ISSN: 2395 -0056 p-ISSN: 2395-0072
CROSS SITE SCRIPTING ATTACKS AND PREVENTIVE MEASURES

Dr. G. Rama Koteswara Rao¹, K.V.J.S. Sree Ram², M. Akhil Kumar³, R. Supritha⁴, S. Ashfaq Reza⁵

¹Professor, ²,³,⁴,⁵IV/IV B.Tech, Dept. of Information Technology, VELAGAPUDI RAMAKRISHNA SIDDHARTHA ENGINEERING COLLEGE, Kanuru, A.P, India
Abstract - Cross site scripting is an injection type attack where an attacker injects malicious scripts into web pages. These scripts are inserted into the pages through search fields, comment fields, guest books etc. The core intention of this attack is to steal the sensitive data of other users who are visiting the same website. This is one of the most prevalent vulnerabilities in web applications and also a browser exploit that takes advantage of malicious JavaScript. Input validation and code filtering are the most important areas where most executions of malicious script can be blocked.
Keywords: Cross site scripting, vulnerability, attacks, input validation, malicious script, code filtering.
1. INTRODUCTION

Web applications are generally classified into two types: static web applications and dynamic web applications. Static web applications are those which do not interact with a server (or database) and display static content to the users. Dynamic web applications are those which interact with the server to satisfy the request of the client, for example, a sample login page which verifies the username and password of the user by interacting with the database in which the user credentials are stored [1].
Cross site scripting attacks are attacks which enable attackers to steal client-side sensitive information such as cookies. These kinds of attacks are generally done by injecting malicious client-side scripts into areas which communicate with the servers or the databases, such as search fields and comment boxes. By stealing users' sensitive information, attackers can bypass access controls like the same origin policy [2].
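The search-field and comment-box injection described above, as an added example that is not code from the paper: the same page rendered with and without output encoding, plus a session cookie marked HttpOnly so page scripts cannot read it. All function names and sample inputs are constructed for illustration.

```javascript
// Added example: function names and sample inputs are constructed for illustration.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };

// Encode untrusted text for an HTML element body or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Search page that echoes the query into an attribute and into the body.
function renderSearch(query, encode) {
  const q = encode(query);
  return `<form><input name="q" value="${q}"></form><p>Results for: ${q}</p>`;
}
// Vulnerable: the query reaches the markup unchanged.
const renderSearchUnsafe = (query) => renderSearch(query, String);
// Hardened: the query is encoded at the point of output.
const renderSearchSafe = (query) => renderSearch(query, escapeHtml);

// Comment box: store comments as submitted, encode on every render.
function renderComments(comments) {
  const items = comments.map(
    (c) => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.text)}</li>`);
  return `<ul>${items.join('')}</ul>`;
}

// Session cookie that page scripts cannot read through document.cookie.
function sessionCookieHeader(sessionId) {
  return `Set-Cookie: sid=${encodeURIComponent(sessionId)}; HttpOnly; Secure; Path=/`;
}

// Test oracle for this example only (not a filter): does user input still
// form a script tag or break out of the quoted attribute?
function hasActiveMarkup(html) {
  return /<script\b/i.test(html) || /"\s*on\w+\s*=/i.test(html);
}

// Constructed inputs: a harmless marker script, an attribute break-out, plain text.
const samples = ['<script>alert(1)</script>', '" onfocus="alert(1)', 'Tom & Jerry'];
for (const s of samples) {
  console.log(JSON.stringify(s),
    'unsafe:', hasActiveMarkup(renderSearchUnsafe(s)),
    'safe:', hasActiveMarkup(renderSearchSafe(s)));
}
```

Encoding happens at the point of output, so the stored comment and the query string stay as the user typed them and legitimate text such as "Tom & Jerry" still displays correctly.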
1.1 TYPES OF CROSS SITE SCRIPTING ATTACKS

There are mainly three types of cross site scripting attacks. They are:

i. Non persistent Attacks: It is the most common type of web vulnerability and is also termed a reflected XSS attack or type 1 XSS because the attack is carried out in a single request/response cycle [3]. This attack mostly targets HTTP query parameters given by the users, which scripts on the server side use and display in the results without sanitizing the query [4]. These attacks are easy to identify, and an attacker initially checks whether a particular web application is vulnerable or not by performing these attacks. These attacks are not so devastating since they do not show impact on the server.

ii. Persistent Attacks: It is the more dangerous type of XSS attack and is commonly termed a stored XSS attack or type 2 XSS because the attack is carried out in two requests: one for injecting the malicious code and storing it on the web server, and the other for the users (victims) to load the malicious page [5]. In this attack, the attacker stores the malicious script on the server side permanently, and when a user unknowingly or without proper knowledge makes the script active, he/she becomes a victim of the attack [4].

iii. DOM based Attacks: In these attacks, the vulnerability appears in the document object model. In type 1 and type 2 XSS, the dangerous payloads are in the response page, but in this type of attack the dangerous payload is not in the response page and the source code of the HTML page is similar to the response page. These attacks are done by the use of document.write() and other such similar functions [6].

2. LITERATURE SURVEY

In 2012, Takeshi Matsuda worked on “Cross Site Scripting Attacks Detection Algorithm Based on the Appearance Position of Characters” [7]. In order to prevent XSS attacks, they proposed a new detection algorithm which works by extracting an attack feature considering the appearance position and symbol frequency. The disadvantage of this approach is that it requires learning a detection threshold, and since this algorithm works best after testing against training test samples, we cannot completely ensure the web application is secured.

In 2013, Michelle E Ruse et al. proposed a two-phase technique to detect XSS vulnerabilities and prevent XSS attacks [8]. In the initial phase, the web application is translated into a language for which recently developed concolic testing tools are available, which also identifies input and output variables that are helpful in generating test cases for determining input/output dependencies in the application. In the second phase, monitors are used to check

© 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 2016