Scribd
Upload
72 views17 pages

Automata-Based XSS Vulnerability Detection

The document discusses detecting and preventing cross-site scripting (XSS) attacks on web applications. It proposes using automata-based symbolic string analysis to automatically verify string manipulation programs and detect XSS vulnerabilities. The analysis uses deterministic finite automata to compute pre- and post-conditions of string functions. This allows it to detect vulnerabilities through forward analysis and generate vulnerability signatures through backward analysis. The approach aims to provide sound and automatic verification of JSP web applications to find vulnerabilities and signatures.

Uploaded by

Selva Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
72 views17 pages

Automata-Based XSS Vulnerability Detection

The document discusses detecting and preventing cross-site scripting (XSS) attacks on web applications. It proposes using automata-based symbolic string analysis to automatically verify string manipulation programs and detect XSS vulnerabilities. The analysis uses deterministic finite automata to compute pre- and post-conditions of string functions. This allows it to detect vulnerabilities through forward analysis and generate vulnerability signatures through backward analysis. The approach aims to provide sound and automatic verification of JSP web applications to find vulnerabilities and signatures.

Uploaded by

Selva Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd

HAUNTING MALICIOUS

ATTACKS IN THE NETWORKS

[Link] Ranjani.
M.E. CSE
Reg no:1051617
OBJECTIVE
• Detects vulnerabilities in web applications that
are due to scripting attacks.

• Proves the absence of vulnerabilities in web


applications that use proper sanitization

• Generates a characterization of all malicious


inputs that may compromise a vulnerable web
application
ABSTRACT
• Cross site scripting (XSS) are the most noted security
problem in web application.

• The existing server side counter measures are not


universally applied due to deployment overhead.

• The existing client side counter measures degrade the


performance of the client’s system.

• The proposed system uses automata-based symbolic string


analyses.

• We compute the pre- and post-conditions of common string


functions using deterministic finite automata (DFAs)
INTRODUCTION
• XSS was first noticed, when CERT (Computer Emergency
Response Team) published an advisory on newly identified
security vulnerability affecting all web applications.

• Three known variants of cross site scripting are:

 Reflected
 Stored
 DOM injection
REFERENCE PAPER -1
TITLE AUDITING THE DEFENSE AGAINST CROSS
SITE SCRIPTING IN WEB APPLICATIONS
AUTHOR Lwin Khin Shar and Hee Beng Kuan Tan
PUBLICATION
REFERENCE i) a novel approach for extracting XSS defense
features implemented in code to facilitate both
examination and auditing processes
ii) Livshits and Lam’s approach (Livshits and Lam,
2005).accounts for false positive rates did not
produce any false negative cases as assumed that a
complete vulnerability specification is provided by
user.

iii) Novel approach really helps in identifying actual


XSS vulnerabilities. But both could be used
together for more efficient code auditing process.
And this approach can only be used for small size
applications.
REFERENCE PAPER-2
TITLE A Static Analysis Tool for Detecting Web
Application Injection Vulnerabilities for ASP
Program
AUTHOR Zhang Xin-hua and Wang Zhi-jian
PUBLICATION
REFERNCE i) By Perl's Taint mode tracking taint data which to
be input, recording of data flow changes, to analyze
the corresponding constraints that violate the rules
or code of software vulnerabilities
ii) taint tracing to detect malicious input data and
ensure no output taint data could be used to derive
vulnerability for most taint data (XSS, SQL).
iii) This tool has manifests its usefulness in
examining the web sites based on ASP and many
rules should be implemented to detect sensitive
information and lower false positive amount within
an acceptable bound
REFERENCE PAPER-3
TITLE A Robust Defense Against Content-Sniffing
XSS Attacks

AUTHOR Misganaw Tadesse Gebre, Kyung-Suk Lhee


and ManPyo Hong
PUBLICATION

REFERENCE i) To defend against Content-Sniffing XSS attack ,


a server-side upload filter is proposed which
analyzes contents of file uploaded to server.
ii) ) by targeting a particular class of vulnerability
(the ContentSniffmg XSS attack in this case) this
solution achieves both accuracy and speed. And
more over this will be highly useful mainly for user
upload web applications. And do not support all
encoding schemes
REFERENCE PAPER-4
TITLE CROSS-SITE SCRIPTING-USE A CUSTOM
TAG LIBRARY TO ENCODE DYNAMIC
CONTENT
AUTHOR Paul Lee, I/T Architect, IBM Global Services

PUBLICATION

REFERENCE i) Web site developers can protect their sites from


being abused in conjunction with these attacks by
ensuring that dynamically generated pages do not
contained undesired tags
ii) Each input field, including link parameters will
be validated
for script tags. When found and dependent on the
context, the input will be rejected and thus prevent
the malicious HTML from being presented to the
user.
iii) a Web server adequately ensures that
generated pages are properly encoded to
prevent unintended execution of scripts.
iv) Each character in the ISO-8859-1
specification can be encoded using its
numeric entry value. Server side encoding
is a process where all dynamic content will
go through an encoding function where
scripting tags will be replaced with codes
in the chosen character set.

v) Unfortunately, encoding all untrusted


data can be resource intensive and may
have a performance impact on some Web
servers.
SYSTEM ANALYSIS:
PROBLEM DEFINITION:
EXISTING SYSTEM

• WebSSARI (Web Security via Static Analysis and Runtime


Inspection) – code analysis tool.
• WAVES (Web Application Vulnerability and Error
Scanner) - black-box security testing tool for Web
applications.

DISADVANTAGE
 Degrade the performance of the web server.
• On client side, the most effective solution is to disable all
scripting language support in user’s browsers and e-mail readers.

• keeping up to date with the latest browser patches and versions


is important.

DISADVANTAGES
 Users will not be willing to disable all scripting language
support.
 Users wont be keen to keep their browsers up to date.
 Not reliable solutions as they depend on user’s configuration.
 Cannot prevent newly introduced threat.
PROPOSED SYSTEM

• The proposed system is automata-based symbolic string


analyses for automatic verification of string manipulating
programs

• deterministic finite automata (DFAs) is used to compute


the pre and post conditions.

• The top three vulnerabilities in OWASPs top ten are due to


improper manipulation of strings:
1. Cross Site Scripting (XSS)
2. Injection Flaws (such as SQL injection)
3. Malicious File Execution (MFE)
• Detecting vulnerabilities :
– Use automata-based forward symbolic analysis.
• Generating vunerability signatures:
− We generate vulnerability signature using backward analysis

ADVANTAGES
• Sound verification techniques for JSP web application
vulnerability analysis and vulnerability signature generation.

• Combining forward and backward symbolic string analyses for


vulnerability signature generation .

• The first automata-based string analysis tool that can


automatically generate vulnerability signatures of vulnerable JSP
programs
REQUIREMENT ANALYSIS
SOFTWARE REQUIREMENTS:

Operating System : Windows xp


Programming Language : JAVA (JSP)

HARDWARE REQUIREMENTS:

System : Pentium iv 2.4 GHz


Hard disk : 40 GB
Monitor : 15 VGA colour.
Ram : 256 MB
SCOPE
• This prevention module can be implemented in all the web
servers to prevent the scripting attacks.

• Acts faster and time consuming in checking the data that is


to be delivered
THANK YOU

You might also like