A XSS Defensive Scheme Based on Behavior Certification
2012 ◽
Vol 241-244
◽
pp. 2365-2369
Keyword(s):
The Scripting languages (mostly JavaScript) applications in the network are heavily used to improve the user experience now. The trends make XSS (Cross-site Scripting Attacks) the most serious security problems in the current Internet. A XSS defensive scheme based on behavior certification is proposed in the paper. The website behavior model is generated based on the website logic and the user behavior. The browsing behavior certification is implemented based on the expected behavior of the resulting model, so as to offer security for the client even in the case that web server has suffered XSS attacks.