Detecting Cross-Site Scripting Vulnerability Using Concolic Testing
- 1 April 2013
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE) in 2013 10th International Conference on Information Technology: New Generations
- p. 633-638
- https://doi.org/10.1109/itng.2013.97
Abstract
Cross-Site Scripting (XSS) attack is a type of Web-based attack wherein a malicious script is executed (from an immediate injection or from a stored source) to steal information or gain unauthorized access to user/system resources. We propose a two-phase technique to detect XSS vulnerabilities and prevent XSS attacks. In the first phase, we translate the Web application to a language for which recently developed concolic testing tools are available. Our translation also identifies input and output variables that are used to generate test cases for determining input/output dependencies in the application. Dependencies indicate vulnerabilities in the application that can be potentially exploited when the application is deployed. In the second phase, based on the input/output dependencies determined in the first phase, we appropriately (automatically) instrument the application code by including monitors. The monitors check exploitation of vulnerabilities at runtime. In addition to being both as efficient and effective as the available XSS attack detection techniques, our two-phase method is also capable of identifying XSS vulnerabilities that occur due to (a) conditional copy (of inputs to outputs) and (b) construction of malicious string inputs from the concatenation of singularly benign inputs. We present a prototype implementation of our framework and demonstrate its effectiveness using non-trivial JSP Web applications.