Litcius/Paper detail

Towards a Lightweight, Hybrid Approach for Detecting DOM XSS Vulnerabilities with Machine Learning

William Melicher, Clement Fung, Lujo Bauer, Limin Jia

202130 citationsDOIOpen Access PDF

Abstract

Client-side cross-site scripting (DOM XSS) vulnerabilities in web applications are common, hard to identify, and difficult to prevent. Taint tracking is the most promising approach for detecting DOM XSS with high precision and recall, but is too computationally expensive for many practical uses.

Topics & Concepts

Cross-site scriptingComputer scienceScripting languageTaint checkingWeb applicationComputer securityPrecision and recallArtificial intelligenceWorld Wide WebWeb application securityOperating systemSoftwareWeb serviceWeb developmentWeb Application Security VulnerabilitiesSoftware Engineering Research