Please use this identifier to cite or link to this item:
https://rfos.fon.bg.ac.rs/handle/123456789/2399Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.creator | Korać, Dragan | |
| dc.creator | Damjanović, Boris | |
| dc.creator | Simić, Dejan | |
| dc.creator | Choo, K.-K.R. | |
| dc.date.accessioned | 2023-05-12T11:45:24Z | - |
| dc.date.available | 2023-05-12T11:45:24Z | - |
| dc.date.issued | 2022 | |
| dc.identifier.issn | 1319-1578 | |
| dc.identifier.uri | https://rfos.fon.bg.ac.rs/handle/123456789/2399 | - |
| dc.description.abstract | Cross-site scripting (XSS) attacks have been extensively studied in the literature, although mitigating such attacks remain a challenge for cyber defenders. In this paper, we survey the existing literature on XSS attacks, focusing on the range of attacks and potential mitigation strategies. Specifically, we review the various XSS attacks from the lens of an attacker. We use a workflow diagram to define the topological relationship among XSS attacks, and to highlight key system weaknesses (e.g., chokepoints). We also present a Hybrid XSS attack (HYXSSA), designed to facilitate the identification of existing and future potential attack vectors in different modalities presented as frameworks (fi). For quantification and visualization of these frameworks, the software application as a rotate view tool is developed. Moreover, we demonstrate how these derived frameworks can be implemented, and provide a guideline to defend against XSS attacks. The implementation results for the given two attack vector shows the feasibility of mapping of attack vectors to actual mathematical vectors. Finally, we present potential challenges and opportunities associated with XSS attacks. | en |
| dc.publisher | King Saud bin Abdulaziz University | |
| dc.rights | openAccess | |
| dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | |
| dc.source | Journal of King Saud University - Computer and Information Sciences | |
| dc.subject | Work from home | en |
| dc.subject | Hybrid XSS attack (HYXSSA) | en |
| dc.subject | Fusion | en |
| dc.subject | Cybersecurity | en |
| dc.subject | Cross-site scripting (XSS) | en |
| dc.subject | Attack vector | en |
| dc.title | A hybrid XSS attack (HYXSSA) based on fusion approach: Challenges, threats and implications in cybersecurity | en |
| dc.type | article | |
| dc.rights.license | BY | |
| dc.citation.epage | 9300 | |
| dc.citation.issue | 10 | |
| dc.citation.other | 34(10): 9284-9300 | |
| dc.citation.rank | aM21~ | |
| dc.citation.spage | 9284 | |
| dc.citation.volume | 34 | |
| dc.identifier.doi | 10.1016/j.jksuci.2022.09.008 | |
| dc.identifier.rcub | conv_3741 | |
| dc.identifier.scopus | 2-s2.0-85139300963 | |
| dc.identifier.wos | 000999620800024 | |
| dc.type.version | publishedVersion | |
| item.cerifentitytype | Publications | - |
| item.fulltext | No Fulltext | - |
| item.grantfulltext | none | - |
| item.openairetype | article | - |
| item.openairecristype | http://purl.org/coar/resource_type/c_18cf | - |
| Appears in Collections: | Radovi istraživača / Researchers’ publications | |
This item is licensed under a Creative Commons License
