Visible to the public Payload recognition and detection of Cross Site Scripting attack

TitlePayload recognition and detection of Cross Site Scripting attack
Publication TypeConference Paper
Year of Publication2017
AuthorsZalbina, M. R., Septian, T. W., Stiawan, D., Idris, M. Y., Heryanto, A., Budiarto, R.
Conference Name2017 2nd International Conference on Anti-Cyber Crimes (ICACC)
Keywordscoding practices, Cross Site Scripting, Cross Site Scripting (XSS), cross site scripting attack detection, data payload, HTML, Human Behavior, human factor, human factors, Internet, IP networks, NIDS, Open Web Application Security Project, OWASP, Pattern recognition, payload recognition, Payloads, Ports (Computers), preprocessing method, pubcrawl, regular expression, regular expression pattern matching, resilience, Resiliency, Scalability, security, security of data, Servers, Testing, Web Application Security, XSS attack

Web Application becomes the leading solution for the utilization of systems that need access globally, distributed, cost-effective, as well as the diversity of the content that can run on this technology. At the same time web application security have always been a major issue that must be considered due to the fact that 60% of Internet attacks targeting web application platform. One of the biggest impacts on this technology is Cross Site Scripting (XSS) attack, the most frequently occurred and are always in the TOP 10 list of Open Web Application Security Project (OWASP). Vulnerabilities in this attack occur in the absence of checking, testing, and the attention about secure coding practices. There are several alternatives to prevent the attacks that associated with this threat. Network Intrusion Detection System can be used as one solution to prevent the influence of XSS Attack. This paper investigates the XSS attack recognition and detection using regular expression pattern matching and a preprocessing method. Experiments are conducted on a testbed with the aim to reveal the behaviour of the attack.

Citation Keyzalbina_payload_2017