Detection of DOM-Based XSS Attack on Web Application

Abstract

Cross-Site Scripting (XSS) is one of the huge issues of any Web-based or Online applications. In this attack, the attacker uses malicious code to intercept the information through users web application and sends it to the corresponding web server. This is possible because web browsers are capable of executing the instructions stored in Web pages. This enables the attackers to make use of this feature, so as to execute the malicious code in a user’s Web browsing application. This attack if happened, may result in very slow and poor web surfing. It is also capable of stealing the cookies, passwords and other personal information of the user. These kind of attacks are very easy in terms of implementation but the prevention or detection of this attack is a challenging task. In this paper firstly the existing research on the prevention of XSS is presented. Then a framework is proposed to detect the XSS, which can provide a legitimate solution for the mitigation of the attack.