Indian Journal of Science and Technology

Open Access Open Access  Restricted Access Subscription Access

A Framework for XSS Attack Prevention in Web Browser using Interceptor Approach


Affiliations
1 Faculty of Computer Science and Information Technology, University Malaysia Sarawak 94300 Kota Samrahan, Sarawak, Malaysia
2 Department of Management Information System, Al-Baha University, Al-Baha, 65527, Saudi Arabia
 

Objectives: Cross site scripting attacks are performed through malicious JavaScript’s with the intention to attack client side. This paper proposes an efficient approach for detection of previous unknown malicious JavaScript attacks using machine learning techniques with high detection accuracy. Methods/Statistic Analysis: Despite the plethora of prevention and detection techniques, detection of malicious code such as XSS at the client side during execution by the browser is still a threatening and time-consuming process which degrades the browsing performance due to increased configuration overheads. The proposed approach can efficiently detect such attacks, which are in the form of malicious scripts before they get executed on the browser by employing an interceptor for all the HTTP traffic coming from the server to the client using machine learning classifiers for novel XSS attacks. Findings: It is expected that proposed framework once implemented will be able to achieve high detection accuracy with low false positives and fewer performance overheads. Improvement: This study provides a strong base for the detection of malware in real-time and experiments will be conducted based on this framework.

Keywords

Attack, Interceptor, Prevention, XSS
User

Abstract Views: 291

PDF Views: 0




  • A Framework for XSS Attack Prevention in Web Browser using Interceptor Approach

Abstract Views: 291  |  PDF Views: 0

Authors

Nayeem khan
Faculty of Computer Science and Information Technology, University Malaysia Sarawak 94300 Kota Samrahan, Sarawak, Malaysia
Abdullah Saleh Alqahtani
Department of Management Information System, Al-Baha University, Al-Baha, 65527, Saudi Arabia

Abstract


Objectives: Cross site scripting attacks are performed through malicious JavaScript’s with the intention to attack client side. This paper proposes an efficient approach for detection of previous unknown malicious JavaScript attacks using machine learning techniques with high detection accuracy. Methods/Statistic Analysis: Despite the plethora of prevention and detection techniques, detection of malicious code such as XSS at the client side during execution by the browser is still a threatening and time-consuming process which degrades the browsing performance due to increased configuration overheads. The proposed approach can efficiently detect such attacks, which are in the form of malicious scripts before they get executed on the browser by employing an interceptor for all the HTTP traffic coming from the server to the client using machine learning classifiers for novel XSS attacks. Findings: It is expected that proposed framework once implemented will be able to achieve high detection accuracy with low false positives and fewer performance overheads. Improvement: This study provides a strong base for the detection of malware in real-time and experiments will be conducted based on this framework.

Keywords


Attack, Interceptor, Prevention, XSS



DOI: https://doi.org/10.17485/ijst%2F2018%2Fv11i16%2F173384