Client Side Action Against Cross Site Scripting Attacks

Cross-Site Scripting is one of the main attacks of many Web-based services. Since Web browsers support the execution of scripting commands embedded in the retrieved content, Attacker can gain this feature maliciously to violate the client security such as confidentiality. The public sites (i.e. social network) provide the attacker with ability to post there malicious code into a context which in the future to be shown to other participants. Detecting these malicious script codes is necessary for client side; the detection can be done by using detection tools used at client side. This book describes the overall problem and elaborates on the possibilities to solve the problem with actions at client side to reduce the danger of Cross-Site Scripting attacks. In this book a new secure tool is developed by using python language, which called XSSDetection,, two factors are used to evaluate it: performance and accuracy. The results show the accuracy of XSSDetection tool is 90.24% which satisfies the users need compared with other tools.

Autorentext

My name is Mohammed H. Abu Hamada from Palestine, I have master degree in information technology from Islamic University of Gaza. My interest research in the field of information security. I'm working now in Al-Quds Open University.