Web Security: Detection of Cross Site Scripting in PHP Web Application using Genetic Algorithm
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2017, Vol 8, Issue 5
Abstract
Cross site scripting (XSS) is one of the major threats to the web application security, where the research is still underway for an effective and useful way to analyse the source code of web application and removes this threat. XSS occurs by injecting the malicious scripts into web application and it can lead to significant violations at the site or for the user. Several solutions have been recommended for their detection. However, their results do not appear to be effective enough to resolve the issue. This paper recommended a methodology for the detection of XSS from the PHP web application using genetic algorithm (GA) and static analysis. The methodology enhances the earlier approaches of determining XSS vulnerability in the web application by eliminating the infeasible paths from the control flow graph (CFG). This aids in reducing the false positive rate in the outcomes. The results of the experiments indicated that our methodology is more effectual in detecting XSS vulnerability from the PHP web application compared to the earlier studies, in terms of the false positive rates and the concrete susceptible paths determined by GA Generator.
Authors and Affiliations
Abdalla Wasef Marashdih, Zarul Fitri Zaaba, Herman Khalid Omer
Keywords
Related Articles
- EP ID EP258610
- DOI 10.14569/IJACSA.2017.080509
- Views 91
- Downloads 0
Speaker Identification based on Hybrid Feature Extraction Techniques
One of the most exciting areas of signal processing is speech processing; speech contains many features or characteristics that can discriminate the identity of the person. The human voice is considered one of the import...
Analysis of Valuable Clustering Techniques for Deep Web Access and Navigation
A massive amount of content is available on web but huge portion of it is still invisible. User can only access this hidden web, also called Deep web, by entering a directed query in a web search form and thus accessing...
An Online Character Recognition System to Convert Grantha Script to Malayalam
This paper presents a novel approach to recognize Grantha, an ancient script in South India and converting it to Malayalam, a prevalent language in South India using online character recognition mechanism. The moti...
MulWiFi: Flexible Policy Enforcement in Multi-Radio High-Speed WiFi Networks
As data rates in 802.11 Wireless LANs (WLANs) scale to Gbps, it becomes increasingly challenging for a single radio resource to meet the goals of high MAC efficiency, service differentiation, and adaptability to diverse...
An Improved Pulmonary Nodule Detection Scheme based on Multi-Layered Filtering and 3d Distance Metrics
This paper proposed a computer-aided detection (CAD) system to automatically detect pulmonary nodules from thoracic computed tomography (CT) images. Automatically detect pulmonary nodules is a difficult job because of th...