Server side approach based on features extraction to detect XSS attacks

Abstract

Cross-site scripting (XSS) attacks are presently the most exploited security problems in modern Web applications that can be exploited by injecting JavaScript code. By now there have been a variety of defensive techniques to protect web application from XSS injection attack, but XSS still cannot be totally detected, an attacker can circumvent the technique by injecting legitimate JavaScript, because it is difficult to distinguish from the original script. In this project, we developed an approach based on scripts features analyzing, which permit detection of wide range of injected scripts: malicious script or specific script which is similar to benign script, without any modification of application source code. We evaluate our approach with three programs. The evaluation results indicate that our approach detects a wide range of code injection attacks.