NTUK, Anderson Emmanuel <br/><br/>
A DETECTION OF CROSS-SITE SCRIPTING ATTACK USING DYNAMIC ANALYSIS AND FUZZY INFERENCE SYSTEM 

 - Mr. O . J. Falana  
 - Ibafo  Computer science and Mathematics  2019 
 - ix; 70  dia, tables 
<br/><br/> The rising population of security problems today’s Web applications is caused by injected<br/>codes, with cross-site scripting (XSS) attacks being the most common and dangerous web<br/>application attacks through the second millennium, with its drastic crumbling effect on popular<br/>sites like Facebook, Samsung, Apple, E-bay, Amazon etc. It is challenging for Web<br/>applications to completely eradicate the vulnerabilities because of its difficulty to properly<br/>sanitize all the user inputs sent to it. It is often the case that these vulnerabilities are not detected<br/>on time and fixed leaving users to be exposed to numerous attacks and thefts of personal<br/>information. This work discusses on the various XSS, its types, its detection and prevention<br/>mechanisms, and presents a detection framework built by a hybrid mechanism using Dynamic<br/>Analysis and Fuzzy Inference to detect these vulnerabilities in web applications for effective<br/>solutions to be met. Firstly, the detection systems scans website for discovering potential points<br/>for injections. Secondly, generates attack vectors and injects and is sent as HTTP request to<br/>web application. Lastly scans the HTTP response for presence of Attack vectors. Detection<br/>capability of our detection system is evaluated on real world web applications and desired<br/>results were obtained 
<br/><br/><label>Subjects--Topical Terms: </label><br/>Computer Science