Abstract
Cross-Site Scripting (XSS) is a vulnerability typical of web applications, in which malicious scripts are injected into trusted websites. It allows an attacker to execute scripts in the victim's browser, which can hijack user sessions, deface websites, steal cookies or redirect the user to malicious sites. This paper presents Cookie Scout, an analytical model for preventing XSS attacks whose main goal is to classify cookies according to their parameters. For this purpose we collected, analysed and classified the traffic of a botnet, using the Browser Exploitation Framework (BeEF) to execute attacks and malicious code remotely in a controlled testing environment. With the parameters obtained from the traffic analysis, an algorithm was designed to detect suspicious websites based on the reputation of their cookies. The results showed that cookie parameters are a good reference for identifying malicious websites.
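As an added illustration of the idea in the abstract (example code written for this page, not the Cookie Scout model or the authors' algorithm), the block below parses Set-Cookie headers, scores each cookie on the attributes that decide whether an injected script can read it and how long a stolen copy stays useful (HttpOnly, Secure, SameSite, Domain, Max-Age/Expires), and rolls the scores up into a per-site verdict. The weights, the thresholds, the session-name heuristic and the sample headers are assumptions constructed for the example.

```python
"""Classify cookies by their Set-Cookie attributes and roll the findings up into
a per-site verdict.  Added illustration for this page: the weights, thresholds
and name heuristic are assumptions, not the Cookie Scout model itself."""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
import re

# Attributes that matter for XSS-driven cookie theft (RFC 6265 names):
#   HttpOnly        -> document.cookie cannot read it, so injected script cannot exfiltrate it
#   Secure          -> sent only over TLS
#   SameSite        -> Lax/Strict limit cross-site sending
#   Domain          -> a parent domain exposes the cookie to every subdomain
#   Max-Age/Expires -> a long lifetime widens the window in which a stolen cookie works
SESSION_NAME_RE = re.compile(r"sess|sid|token|auth|login", re.IGNORECASE)  # assumed heuristic
THIRTY_DAYS = 30 * 24 * 3600


@dataclass
class Cookie:
    name: str
    value: str
    attrs: dict = field(default_factory=dict)  # lower-cased attribute -> value, or True for flags


def parse_set_cookie(header: str) -> Cookie:
    """Parse one Set-Cookie header value into name, value and an attribute map."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = Cookie(name.strip(), value.strip())
    for part in parts[1:]:
        if not part:
            continue
        key, has_value, val = part.partition("=")
        cookie.attrs[key.strip().lower()] = val.strip() if has_value else True
    return cookie


def lifetime_seconds(cookie: Cookie, now: datetime):
    """Remaining lifetime in seconds. Max-Age wins over Expires (RFC 6265 5.3);
    0 means a session cookie; None means the value could not be parsed."""
    if "max-age" in cookie.attrs:
        try:
            return int(cookie.attrs["max-age"])
        except ValueError:
            return None
    if "expires" in cookie.attrs:
        try:
            exp = parsedate_to_datetime(cookie.attrs["expires"])
        except (TypeError, ValueError):
            return None
        if exp.tzinfo is None:          # "-0000" dates come back naive; treat as UTC
            exp = exp.replace(tzinfo=timezone.utc)
        return int((exp - now).total_seconds())
    return 0


def score_cookie(cookie: Cookie, now: datetime):
    """Return (risk points, findings) for one cookie. The weights are assumed."""
    findings, risk = [], 0
    script_readable = cookie.attrs.get("httponly") is not True
    if script_readable:
        findings.append("no HttpOnly: readable via document.cookie")
        risk += 3
        if SESSION_NAME_RE.search(cookie.name):
            findings.append("session-like name readable by script")
            risk += 2
    if cookie.attrs.get("secure") is not True:
        findings.append("no Secure: sent over plain HTTP")
        risk += 2
    if str(cookie.attrs.get("samesite", "")).lower() not in ("lax", "strict"):
        findings.append("SameSite missing or None")
        risk += 1
    if "domain" in cookie.attrs:
        findings.append(f"Domain={cookie.attrs['domain']} shares the cookie with subdomains")
        risk += 1
    life = lifetime_seconds(cookie, now)
    if life is None or life > THIRTY_DAYS:
        findings.append("lifetime over 30 days or unparsable")
        risk += 1
    return risk, findings


def classify_site(set_cookie_headers, now=None):
    """Aggregate per-cookie risk into a site verdict. Thresholds are assumed."""
    now = now or datetime.now(timezone.utc)
    report, total = {}, 0
    for header in set_cookie_headers:
        cookie = parse_set_cookie(header)
        risk, findings = score_cookie(cookie, now)
        report[cookie.name] = {"risk": risk, "findings": findings}
        total += risk
    verdict = "low" if total <= 2 else "medium" if total <= 5 else "high"
    return {"total": total, "verdict": verdict, "cookies": report}


# Constructed sample headers for the example (not captured from any real site).
SAMPLE_HEADERS = [
    "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Strict",
    "prefs=dark; Path=/; Secure; SameSite=Lax; Max-Age=3600",
    "session=xyz789; Path=/; Domain=.example.com; Expires=Wed, 21 Oct 2099 07:28:00 GMT",
]

if __name__ == "__main__":
    result = classify_site(SAMPLE_HEADERS)
    print(result["verdict"], result["total"])
    for name, info in result["cookies"].items():
        print(name, info["risk"], info["findings"])
```

Run on the constructed headers, the hardened `sid` cookie scores 0, the script-readable but non-session `prefs` cookie scores 3, and the long-lived, script-readable, domain-wide `session` cookie scores 10, so the site is rated "high". The HttpOnly weight is deliberately the largest: it is the one attribute that stops an injected script from reading the cookie at all, which is the theft path the abstract is concerned with.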
© 2018 Springer International Publishing AG
Cite this paper
Rodríguez, G.E., Benavides, D.E., Torres, J., Flores, P., Fuertes, W. (2018). Cookie Scout: An Analytic Model for Prevention of Cross-Site Scripting (XSS) Using a Cookie Classifier. In: Rocha, Á., Guarda, T. (eds) Proceedings of the International Conference on Information Technology & Systems (ICITS 2018). ICITS 2018. Advances in Intelligent Systems and Computing, vol 721. Springer, Cham. https://doi.org/10.1007/978-3-319-73450-7_47
DOI: https://doi.org/10.1007/978-3-319-73450-7_47
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-73449-1
Online ISBN: 978-3-319-73450-7
eBook Packages: Engineering (R0)