• DocumentCode
    690208
  • Title

    Analysis and prevention for cross-site scripting attack based on encoding

  • Author

    Ding Lan ; Wu ShuTing ; Ye Xing ; Zhang Wei

  • Author_Institution
    Dept. of Intell. & Reconnaissance, Special Police Acad., Beijing, China
  • fYear
    2013
  • fDate
    15-17 Nov. 2013
  • Firstpage
    102
  • Lastpage
    105
  • Abstract
    With the development of Web application, cross-site scripting attacks have been rapidly increasing, and the technique of those attacks is constantly updating. There has been some special advanced attacks such as the one based on encoding. In this paper we analyze two kinds of those attacks respectively based on the binary and N-ray alphabets encoding, then presents a dynamically access control method to prevent them by means of the existing detection and prevention technology of cross-site scripting attack, making up the existing approach being lack of the practicality, and the experimental results verify the feasibility and practicality of our protection mechanism.
  • Keywords
    Internet; authorisation; encoding; N-ray alphabets encoding; Web application; access control method; cross-site scripting attack; protection mechanism; Encoding; Europe; HTML; Robustness; Security; Web servers; Cross Site Scripting Attack; Cross-domain Access; Encoding Based on N-ary Alphabets; Web Application;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Electronics Information and Emergency Communication (ICEIEC), 2013 IEEE 4th International Conference on
  • Conference_Location
    Beijing
  • Type

    conf

  • DOI
    10.1109/ICEIEC.2013.6835463
  • Filename
    6835463
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=690208