Home // ICSEA 2014, The Ninth International Conference on Software Engineering Advances // View article

An Approach for Cross-Site Scripting Detection and Removal Based on Genetic Algorithms

Authors:
Isatou Hydara
Abu Bakar Md Sultan
Hazura Zulzalil
Novia Admodisastro

Keywords: cross-site scripting; genetic algorithm; software security; vulnerability detection; vulnerability removal.

Abstract:
Software security vulnerabilities have led to many successful attacks on applications, especially web applications, on a daily basis. These attacks, including cross-site scripting, have caused damages for both web site owners and users. Cross-site scripting vulnerabilities are easy to exploit but difficult to eliminate. Many solutions have been proposed for their detection. However, the problem of cross-site scripting vulnerabilities present in web applications still persists. In this paper, we propose to explore an approach based on genetic algorithms that will be able to detect and remove cross-site scripting vulnerabilities from the source code before an application is deployed. The proposed approach is, so far, only implemented and validated on Java-based Web applications, although it can be implemented in other programming languages with slight modifications. Initial evaluations have indicated promising results.

Pages: 227 to 232

Copyright: Copyright (c) IARIA, 2014

Publication date: October 12, 2014

Published in: conference

ISSN: 2308-4235

ISBN: 978-1-61208-367-4

Location: Nice, France

Dates: from October 12, 2014 to October 16, 2014