首页    期刊浏览 2024年12月03日 星期二
登录注册

文章基本信息

  • 标题:Web Security: Detection of Cross Site Scripting in PHP Web Application using Genetic Algorithm
  • 本地全文:下载
  • 作者:Abdalla Wasef Marashdih ; Zarul Fitri Zaaba ; Herman Khalid Omer
  • 期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
  • 印刷版ISSN:2158-107X
  • 电子版ISSN:2156-5570
  • 出版年度:2017
  • 卷号:8
  • 期号:5
  • DOI:10.14569/IJACSA.2017.080509
  • 出版社:Science and Information Society (SAI)
  • 摘要:Cross site scripting (XSS) is one of the major threats to the web application security, where the research is still underway for an effective and useful way to analyse the source code of web application and removes this threat. XSS occurs by injecting the malicious scripts into web application and it can lead to significant violations at the site or for the user. Several solutions have been recommended for their detection. However, their results do not appear to be effective enough to resolve the issue. This paper recommended a methodology for the detection of XSS from the PHP web application using genetic algorithm (GA) and static analysis. The methodology enhances the earlier approaches of determining XSS vulnerability in the web application by eliminating the infeasible paths from the control flow graph (CFG). This aids in reducing the false positive rate in the outcomes. The results of the experiments indicated that our methodology is more effectual in detecting XSS vulnerability from the PHP web application compared to the earlier studies, in terms of the false positive rates and the concrete susceptible paths determined by GA Generator.
  • 关键词:Web Application Security; Security Vulnerability; Web Testing; Cross Site Scripting; Genetic Algorithm
国家哲学社会科学文献中心版权所有