Please use this identifier to cite or link to this item: http://dspace.univ-guelma.dz/jspui/handle/123456789/13042
Title: Détection des vulnérabilités des applications Web aux attaques XSS
Authors: GUELMI, ZAID
Keywords: Détection des vulnérabilités, des applications Web , attaques XSS
Issue Date: 2022
Publisher: université de guelma
Abstract: Cross-site scripting (XSS) is one of the most dangerous attacks menacing the navigation in the Web since its reveal in late 1999. Since then, several techniques have been developed in the aim to secure web applications against diverse types of XSS attacks. In this project, we contribute by designing a hybrid approach for the detection of web application vulnerabilities to XSS attacks. This way, vulnerable applications can be detected and hence updated to defend against XSS attacks. The hybrid approach combines static and dynamic analysis. While static analysis is used to detect of all the injection points included in individual pages through analyzing their contents, dynamic analysis is used to confirm the vulnerability of such points to XSS payload injection. A prototype named XSS Checker is developed in Node.js implementing the proposed approach. Conducted experiments, with the developed prototype, showed the ability of the proposed approach to detect vulnerabilities in real world applications.
URI: http://dspace.univ-guelma.dz/jspui/handle/123456789/13042
Appears in Collections:Master

Files in This Item:
File Description SizeFormat 
GUELMI_ZAID_F5.pdf6,25 MBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.