In order to develop web applications, the developers will need to use different technologies. The... more In order to develop web applications, the developers will need to use different technologies. The most common of these technologies are the HTML, XHTML and JavaScript. The vulnerabilities in these technologies arise many security attacks on the web applications. The most important and common one is Cross-site scripting (XSS) attack, which can be defined as code injection attack, this attack allows the attacker to execute malicious script in another user’s browser. Once the attacker gains control, he will be able to perform actions such as session-hijacking, malware-spreading, cookie-stealing and malicious redirection by embedding scripts in a web page that will get executed whenever the page is loaded. In this paper, we explore the different types of XSS attack and its impact on both server and client-side. After that, we select three server-side detection techniques, addressing how each technique work and the main weaknesses of each one, then we selected one of those techniques whi...
رسالة (ماجستير)-جامعة نايف العربية للعلوم الأمنية، كلية أمن الحاسب والمعلومات، قسم أمن المعلومات،... more رسالة (ماجستير)-جامعة نايف العربية للعلوم الأمنية، كلية أمن الحاسب والمعلومات، قسم أمن المعلومات، تخصص أمن المعلومات،
In order to develop web applications, the developers will need to use different technologies. The... more In order to develop web applications, the developers will need to use different technologies. The most common of these technologies are the HTML, XHTML and JavaScript. The vulnerabilities in these technologies arise many security attacks on the web applications. The most important and common one is Cross-site scripting (XSS) attack, which can be defined as code injection attack, this attack allows the attacker to execute malicious script in another user’s browser. Once the attacker gains control, he will be able to perform actions such as session-hijacking, malware-spreading, cookie-stealing and malicious redirection by embedding scripts in a web page that will get executed whenever the page is loaded. In this paper, we explore the different types of XSS attack and its impact on both server and client-side. After that, we select three server-side detection techniques, addressing how each technique work and the main weaknesses of each one, then we selected one of those techniques whi...
رسالة (ماجستير)-جامعة نايف العربية للعلوم الأمنية، كلية أمن الحاسب والمعلومات، قسم أمن المعلومات،... more رسالة (ماجستير)-جامعة نايف العربية للعلوم الأمنية، كلية أمن الحاسب والمعلومات، قسم أمن المعلومات، تخصص أمن المعلومات،
Uploads
Papers by Sara Tuza