A XSS Defensive Scheme Based on Behavior Certification

2012, Vol 241-244, pp. 2365-2369
Author(s): Hua Jie Xu, Xiao Ming Hu, Dong Dong Zhang

Scripting-language (mostly JavaScript) applications are now heavily used on the network to improve the user experience. This trend makes XSS (Cross-site Scripting Attacks) the most serious security problem in the current Internet. An XSS defensive scheme based on behavior certification is proposed in the paper. The website behavior model is generated based on the website logic and the user behavior. The browsing behavior certification is implemented based on the expected behavior of the resulting model, so as to offer security for the client even in the case that the web server has suffered XSS attacks.

Author(s): Jozef Kapusta, Michal Munk, Dominik Halvoník, Martin Drlík

If we are talking about user behavior analytics, we have to understand what the main source of valuable information is. One of these sources is definitely a web server. There are multiple places where we can extract the necessary data. The most common ways are to search for these data in the access log, error log, custom log files of the web server, proxy server log file, web browser log, browser cookies, etc. A web server log is in its default form known as a Common Log File (W3C, 1995) and keeps information about IP address; date and time of visit; accessed and referenced resource. There are standardized methodologies which contain several steps leading to the extraction of new knowledge from the provided data. Usually, the first step in each of them is to identify users, users' sessions, page views, and clickstreams. This process is called pre-processing. The main goal of this stage is to receive an unprocessed web server log file as input and, after processing, output meaningful representations which can be used in the next phase. In this paper, we describe in detail user session identification, which can be considered the most important part of data pre-processing. Our paper aims to compare user/session identification using the STT with the identification of user/session using cookies. This comparison was performed concerning the quality of the sequential rules generated, i.e., a comparison was made regarding the generation of useful, trivial and inexplicable rules.


2016, Vol 2016, pp. 1-12
Author(s): Wei Jiang, Ruijin Wang, Zhiyuan Xu, Yaodong Huang, Shuo Chang, ...

The fast-developing social network is a double-edged sword. It remains a serious problem to provide users with excellent mobile social network services while also protecting private data. Most popular social applications utilize the behavior of users to build connections with people having similar behavior, thus improving user experience. However, many users do not want to share certain behavioral information with the recommendation system. In this paper, we aim to design a secure friend recommendation system based on user behavior, called PRUB. The proposed system aims at achieving fine-grained recommendation of friends who share some of the same characteristics without exposing the actual user behavior. We utilized anonymous data from a Chinese ISP, which records user browsing behavior, for 3 months to test our system. The experimental results show that our system can achieve a remarkable recommendation goal and, at the same time, protect the privacy of the user behavior information.


Author(s): Jayesh Srivastava, L. H. Shu

Much existing work aims to understand how to change human behavior through product-design interventions. Given the diversity of individuals and their motivations, solutions that address different motives are surprisingly rare. We aim to develop and validate a framework that clearly identifies and targets different types of behavioral motives in users. We present a behavior model comprising egoistic, sociocultural and altruistic motives, and apply the model to sustainable behavior. We confirmed the explanatory power of the behavior model by categorizing user comments about an international environmental agreement from multiple news sources. We next developed concepts, each intended to target a single motive type, and elicited evaluations from online respondents who self-assessed their motivation type after evaluating the concepts. We present and discuss correlation results between motive types and preference for products that target these types for two iterations of the experiment. Deviations from our expected results are mainly due to unexpected perceptions, both positive and negative, of our concepts. Despite this, the main value of this work lies in the explicit consideration of a manageable number of different types of motives. A proposed design tool incorporates the three types of motives from the model with the different levels of persuasion others have proposed to change user behavior.

