Cross-Site Scripting Detection Based on an Enhanced Genetic Algorithm

Hydara, Isatou; Sultan, Abu Bakar; Zulzalil, Hazura; Admodisastro, Novia

doi:10.17485/ijst/2015/v8i30/86055

Cited by 16 publications

(24 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hydara et al [3] employed the genetic algorithm for generating test cases for the static analysis. The aim was to determine the tangible XSS vulnerability in the Java source code.…”

Section: Related Workmentioning

confidence: 99%

“…The reason for these security holes is mainly the short time frame of this program"s development [1]. Although research on security programs is modern, effective solutions are highly demanded because of the importance of creating programs that are secure and less vulnerable to attacks [2,3].…”

Section: Introductionmentioning

confidence: 99%

“…Many solutions have been proposed for their detection. However, the problem of XSS vulnerabilities in web applications still persists [7].…”

Section: Introductionmentioning

confidence: 99%

“…Consequently, genetic algorithm ventured into the software testing arena by generating test cases for scrutinising the software security. This kind of algorithm offers solutions to determine XSS vulnerability with a lower false positive rate [3,10,11]. Within the Java web application framework, the genetic algorithm locates the entire XSS vulnerability devoid of any false positive rate in the outcomes [3].…”

Section: Introductionmentioning

confidence: 99%

“…This kind of algorithm offers solutions to determine XSS vulnerability with a lower false positive rate [3,10,11]. Within the Java web application framework, the genetic algorithm locates the entire XSS vulnerability devoid of any false positive rate in the outcomes [3]. Conversely, and post-execution of the algorithm in the PHP web application, it presents several false positive rates.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Web Security: Detection of Cross Site Scripting in PHP Web Application using Genetic Algorithm

Marashdih¹,

Zaaba²,

Omer³

2017

ijacsa

View full text Add to dashboard Cite

Abstract-Cross site scripting (XSS) is one of the major threats to the web application security, where the research is still underway for an effective and useful way to analyse the source code of web application and removes this threat. XSS occurs by injecting the malicious scripts into web application and it can lead to significant violations at the site or for the user. Several solutions have been recommended for their detection. However, their results do not appear to be effective enough to resolve the issue. This paper recommended a methodology for the detection of XSS from the PHP web application using genetic algorithm (GA) and static analysis. The methodology enhances the earlier approaches of determining XSS vulnerability in the web application by eliminating the infeasible paths from the control flow graph (CFG). This aids in reducing the false positive rate in the outcomes. The results of the experiments indicated that our methodology is more effectual in detecting XSS vulnerability from the PHP web application compared to the earlier studies, in terms of the false positive rates and the concrete susceptible paths determined by GA Generator.

show abstract

“…Hydara et al [3] employed the genetic algorithm for generating test cases for the static analysis. The aim was to determine the tangible XSS vulnerability in the Java source code.…”

Section: Related Workmentioning

confidence: 99%