Protecting Against Reflected Cross-Site Scripting Attacks
| dc.contributor.author | Ellingsen, Pål | |
| dc.contributor.author | Vikne, Andreas Svardal | |
| dc.date.accessioned | 2019-03-06T08:17:29Z | |
| dc.date.available | 2019-03-06T08:17:29Z | |
| dc.date.created | 2019-02-01T12:03:55Z | |
| dc.date.issued | 2018 | |
| dc.identifier.citation | Ellingsen, P., & Vikne, A. S. (2018). Protecting against reflected cross-site scripting attacks. International Journal On Advances in Software, 11, 418-439. | nb_NO |
| dc.identifier.issn | 1942-2628 | |
| dc.identifier.uri | http://hdl.handle.net/11250/2588920 | |
| dc.description.abstract | One of the most dominant threats against web applications is the class of script injection attacks, also called cross-site scripting. This class of attacks affects the client-side of a web application, and is a critical vulnerability that is difficult to both detect and remediate for websites, often leading to insufficient server-side protection, which is why the end-users need an extra layer of protection at the client-side, utilizing the defense in depth strategy. This paper discusses a client-side filter for Mozilla Firefox that protects against Reflected cross-site scripting attacks, while maintaining high performance. By conducting tests on the implemented solution, the conclusion is that the filter does provide more protection than the original Firefox version, at the same time achieving high performance, which with only some further improvements would become an effective option for end-users of web applications to protect themselves against Reflected cross-site scripting attacks. | nb_NO |
| dc.language.iso | eng | nb_NO |
| dc.relation.uri | http://www.iariajournals.org/software/soft_v11_n34_2018_paged.pdf | |
| dc.rights | Navngivelse-Ikkekommersiell-DelPåSammeVilkår 4.0 Internasjonal | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-sa/4.0/deed.no | * |
| dc.subject | cross-site scripting protection | nb_NO |
| dc.subject | input filtering | nb_NO |
| dc.subject | software security | nb_NO |
| dc.subject | injection attacks | nb_NO |
| dc.title | Protecting Against Reflected Cross-Site Scripting Attacks | nb_NO |
| dc.type | Journal article | nb_NO |
| dc.type | Peer reviewed | nb_NO |
| dc.description.version | publishedVersion | nb_NO |
| dc.rights.holder | 2018, © Copyright by authors, | nb_NO |
| dc.subject.nsi | VDP::Matematikk og Naturvitenskap: 400::Informasjons- og kommunikasjonsvitenskap: 420::Sikkerhet og sårbarhet: 424 | nb_NO |
| dc.source.pagenumber | 418-439 | nb_NO |
| dc.source.volume | 11 | nb_NO |
| dc.source.journal | International Journal On Advances in Software | nb_NO |
| dc.source.issue | 3&4 | nb_NO |
| dc.identifier.cristin | 1672016 | |
| cristin.unitcode | 203,12,4,0 | |
| cristin.unitname | Institutt for data- og realfag | |
| cristin.ispublished | true | |
| cristin.fulltext | original | |
| cristin.qualitycode | 1 |
Tilhørende fil(er)
Denne innførselen finnes i følgende samling(er)
Med mindre annet er angitt, så er denne innførselen lisensiert som Navngivelse-Ikkekommersiell-DelPåSammeVilkår 4.0 Internasjonal