Securing Web Applications from malware attacks using hybrid feature extraction

Subramaniyaswamy, V, Gopireddy Venkata, Kalyani and Naladala, Likhitha Securing Web Applications from malware attacks using hybrid feature extraction. International Journal of Pure and Applied Mathematics, 2018, vol. 119, n. 12, pp. 13367-13385. [Journal article (Paginated)]

[thumbnail of 1219.pdf]
Preview
Text
1219.pdf

Download (721kB) | Preview

English abstract

In this technological era, many of the applications are taking the utilization of services of internet in order to cater to the needs of its users. With the rise in number of internet users, there's a substantial inflation within the internet attacks. Because of this hike, Web Services give rise to new security threats. One among the major concerns is the susceptibility of the internet services for cross site scripting (XSS). More than three fourths of the malicious attacks are contributed by XSS. This article primarily focuses on detection and exploiting XSS vulnerabilities. Generally, improper sanitization of input results in these type of susceptibilities. This article primarily focuses on fuzzing, and brute forcing parameters for XSS vulnerability. In addition, we've mentioned the planned framework for contradicting XSS vulnerability.

Item type: Journal article (Paginated)
Keywords: Cross Site Scripting attacks, WAF detection, web application security, fuzz testing
Subjects: B. Information use and sociology of information
B. Information use and sociology of information > BC. Information in society.
Depositing user: Raster Daster
Date deposited: 02 Aug 2018 07:36
Last modified: 02 Aug 2018 07:36
URI: http://hdl.handle.net/10760/33271

References

[1]Shashank Gupta, B.B. Gupta *, Pooja Chaudhary, Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network, Future Generation Computer Systems 79 (2018) 319–336.

[2]Gupta, M.K., Govil, M.C. and Singh, G., Static Analysis Approaches to Detect SQL Injection and Cross Site Scripting Vulnerabilities in Web Applications: A Survey, IEEE International Conference on Recent Advances and Innovations in Engineering, pp. 1-5, 2014.

[3 ]Mishra, A., Critical Comparison Of PHP And ASP.NET For Web Development ‐ ASP.NET & PHP, Proc. International Journal of Scientific & Technology Research, pp. 331-333, 2014.

[4] Martin Johns, Bjorne Englemann, Joachimm Posegga,”XSSDS: Server-side Detection of Cross-site Scripting Attacks”, Annual Computer Security Applications Conference, IEEE, pp. 335-344, 2008

[5]Abdalla Wasef Marashdih and Zarul Fitri Zaaba,Cross Site Scripting: Removing Approaches in Web Application,4th Information Systems International Conference 2017, ISICO 2017, 6-8 November 2017, Bali, Indonesia

[6] D. Bates, A. Barth, C. Jackson, Regular expressions considered harmful in client side XSS filters, in: Proceedings of the Conference on the World Wide Web, 2010, pp. 91–100.

[7] P. Bisht and V. N. Venkatakrishnan. XSS-GUARD: precise dynamic prevention of cross-site scripting attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment, 2008.44

[8] Shar, L.K., Tan, H.B.K. and Briand, L.C., Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis’, 35th International Conference on Software Engineering (ICSE '13), pp 642-651, 2013.

[9]Malviya, V.K., Saurav, S. and Gupta, A., On Security Issues in Web Applications through Cross Site Scripting (XSS), 20th Asia Pacific Software Engineering Conference (APSEC), pp. 583-588, 2013

[10]OWASP, Top-10 threats for web application security, Available: www.owasp.org/index.php/Top_10_2013-Top_10. [Accessed: May 2017].

[11] Subramaniyaswamy, V., & Logesh, R. (2017). Adaptive KNN based Recommender System through Mining of User Preferences. Wireless Personal Communications, 97(2), 2229-2247.

[12] Logesh, R., & Subramaniyaswamy, V. (2017). A Reliable Point of Interest Recommendation based on Trust Relevancy between Users. Wireless Personal Communications, 97(2), 2751-2780.

[13] Logesh, R., & Subramaniyaswamy, V. (2017). Learning Recency and Inferring Associations in Location Based Social Network for Emotion Induced Point-of-Interest Recommendation. Journal of Information Science & Engineering, 33(6), 1629–1647.

[14] Subramaniyaswamy, V., Logesh, R., Abejith, M., Umasankar, S., & Umamakeswari, A. (2017). Sentiment Analysis of Tweets for Estimating Criticality and Security of Events. Journal of Organizational and End User Computing (JOEUC), 29(4), 51-71.

[15] Indragandhi, V., Logesh, R., Subramaniyaswamy, V., Vijayakumar, V., Siarry, P., & Uden, L. (2018). Multi-objective optimization and energy management in renewable based AC/DC microgrid. Computers & Electrical Engineering.

[16] Subramaniyaswamy, V., Manogaran, G., Logesh, R., Vijayakumar, V., Chilamkurti, N., Malathi, D., & Senthilselvan, N. (2018). An ontology-driven personalized food recommendation in IoT-based healthcare system. The Journal of Supercomputing, 1-33.

[17] Arunkumar, S., Subramaniyaswamy, V., & Logesh, R. (2018). Hybrid Transform based Adaptive Steganography Scheme using Support Vector Machine for Cloud Storage. Cluster Computing.

[18] Indragandhi, V., Subramaniyaswamy, V., & Logesh, R. (2017). Resources, configurations, and soft computing techniques for power management and control of PV/wind hybrid system. Renewable and Sustainable Energy Reviews, 69, 129-143.

[19] Ravi, L., & Vairavasundaram, S. (2016). A collaborative location based travel recommendation system through enhanced rating prediction for the group of users. Computational intelligence and neuroscience, 2016, Article ID: 1291358.

[20] Logesh, R., Subramaniyaswamy, V., Malathi, D., Senthilselvan, N., Sasikumar, A., & Saravanan, P. (2017). Dynamic particle swarm optimization for personalized recommender system based on electroencephalography feedback. Biomedical Research, 28(13), 5646-5650.

[21] Arunkumar, S., Subramaniyaswamy, V., Karthikeyan, B., Saravanan, P., & Logesh, R. (2018). Meta-data based secret image sharing application for different sized biomedical images. Biomedical Research,29.

[22] Vairavasundaram, S., Varadharajan, V., Vairavasundaram, I., & Ravi, L. (2015). Data mining‐based tag recommendation system: an overview. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 5(3), 87-112.

[23] Logesh, R., Subramaniyaswamy, V., & Vijayakumar, V. (2018). A personalised travel recommender system utilising social network profile and accurate GPS data. Electronic Government, an International Journal, 14(1), 90-113.

[24] Vijayakumar, V., Subramaniyaswamy, V., Logesh, R., & Sivapathi, A. (2018). Effective Knowledge Based Recommeder System for Tailored Multiple Point of Interest Recommendation. International Journal of Web Portals.

[25] Subramaniyaswamy, V., Logesh, R., & Indragandhi, V. (2018). Intelligent sports commentary recommendation system for individual cricket players. International Journal of Advanced Intelligence Paradigms, 10(1-2), 103-117.

[26] Indragandhi, V., Subramaniyaswamy, V., & Logesh, R. (2017). Topological review and analysis of DC-DC boost converters. Journal of Engineering Science and Technology, 12 (6), 1541–1567.

[27] Saravanan, P., Arunkumar, S., Subramaniyaswamy, V., & Logesh, R. (2017). Enhanced web caching using bloom filter for local area networks. International Journal of Mechanical Engineering and Technology, 8(8), 211-217.

[28] Arunkumar, S., Subramaniyaswamy, V., Devika, R., & Logesh, R. (2017). Generating visually meaningful encrypted image using image splitting technique. International Journal of Mechanical Engineering and Technology, 8(8), 361–368.

[29] Subramaniyaswamy, V., Logesh, R., Chandrashekhar, M., Challa, A., & Vijayakumar, V. (2017). A personalised movie recommendation system based on collaborative filtering. International Journal of High Performance Computing and Networking, 10(1-2), 54-63.

[30] Senthilselvan, N., Udaya Sree, N., Medini, T., Subhakari Mounika, G., Subramaniyaswamy, V., Sivaramakrishnan, N., & Logesh, R. (2017). Keyword-aware recommender system based on user demographic attributes. International Journal of Mechanical Engineering and Technology, 8(8), 1466-1476.

[31] Subramaniyaswamy, V., Logesh, R., Vijayakumar, V., & Indragandhi, V. (2015). Automated Message Filtering System in Online Social Network. Procedia Computer Science, 50, 466-475.

[32] Logesh, R., Subramaniyaswamy, V., Vijayakumar, V., Gao, X. Z., & Indragandhi, V. (2017). A hybrid quantum-induced swarm intelligence clustering for the urban trip recommendation in smart city. Future Generation Computer Systems, 83, 653-673.


Downloads

Downloads per month over past year

Actions (login required)

View Item View Item