• DocumentCode
    3722164
  • Title

    A XSS Vulnerability Detection Approach Based on Simulating Browser Behavior

  • Author

    Yuan Liu;Wenbing Zhao;Dan Wang;Lihua Fu

  • Author_Institution
    Coll. of Comput. Sci., Beijing Univ. of Technol., Beijing, China
  • fYear
    2015
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    This paper presents a dynamic detection method based on simulating browser behavior, and designs a web crawler based on a headless browser, which can interpret the JavaScript code and retrieve Ajax content to find the hidden injection points in pages, with full consideration of the web pages containing complex scripts under Web 2.0 environment. In implementation, this paper uses dynamic analysis in XSS vulnerability detection by examining the runtime behavior of web application, and decide whether the XSS vulnerability exists with black-box test. The experiment results prove that this method works.
  • Keywords
    "Browsers","Uniform resource locators","Crawlers","Web pages","Security","Testing","HTML"
  • Publisher
    ieee
  • Conference_Titel
    Information Science and Security (ICISS), 2015 2nd International Conference on
  • Type

    conf

  • DOI
    10.1109/ICISSEC.2015.7370974
  • Filename
    7370974
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3722164