Auditing the XSS defence features implemented in web application programs

Auditing the XSS defence features implemented in web application programs

Cross site scripting (XSS) vulnerability is mainly caused by the failure of web applications in sanitising user inputs embedded in web pages. Even though state-of-the-art defensive coding methods and vulnerability detection methods are often used by developers and security auditors, XSS flaws still...

Full description

Saved in:

Bibliographic Details
Main Authors:	SHAR, Lwin Khin, TAN, Hee Beng Kuan
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2012
Subjects:	Programming Languages and Compilers Software Engineering
Online Access:	https://ink.library.smu.edu.sg/sis_research/4928
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Auditing the XSS defence features implemented in web application programs
by: Shar, Lwin Khin, et al.
Published: (2013)

Web application vulnerability prediction using hybrid program analysis and machine learning
by: SHAR, Lwin Khin, et al.
Published: (2014)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

AP-coach: Formative feedback generation for learning introductory programming concepts
by: TA, Nguyen Binh Duong, et al.
Published: (2022)

A formal model of semantic Web Service Ontology (WSMO) execution
by: WANG, Hai H., et al.
Published: (2008)

XSS for the masses: Integrating security in a web programming course using a security scanner
by: SHAR, Lwin Khin, et al.
Published: (2022)

Integrating specification and programs for system modeling and verification
by: SUN, Jun, et al.
Published: (2009)

An interference-free programming model for network objects
by: SCHILL, Mischael, et al.
Published: (2016)

Learning program semantics with code representations: An empirical study
by: SIOW, Jing Kai, et al.
Published: (2022)

A graph-based semantics workbench for concurrent Asynchronous programs
by: CORRODI, Claudio, et al.
Published: (2016)

JSCSP: A novel policy-based XSS defense mechanism for browsers
by: XU, Guangquan, et al.
Published: (2022)

Auditing the defense against cross site scripting in web applications
by: SHAR, Lwin Khin, et al.
Published: (2010)

Static analysis of context leaks in android applications
by: TOFFALINI, Flavio, et al.
Published: (2018)

Functionality & privacy in mobile applications - who's going to win the game
by: Gao, Debin
Published: (2019)

Scaling-up stackelberg security games applications using approximations
by: SINHA, Arunesh, et al.
Published: (2018)

Sound and complete certificates for quantitative termination analysis of probabilistic programs
by: CHATTERJEE, Krishnendu, et al.
Published: (2022)

Program evaluation for Easy, C, Pascal programming languages
by: Garcia, Arnaldo, et al.
Published: (1989)

INFAR: insight extraction from app reviews
by: GAO, Cuiyun, et al.
Published: (2018)

An efficient algorithm for learning event-recording automata
by: LIN, Shang-Wei, et al.
Published: (2011)

Towards expressive specification and efficient model checking
by: DONG, Jin Song, et al.
Published: (2009)

Verification of population ring protocols in PAT
by: LIU, Yang, et al.
Published: (2009)

A scalable approach to multi-style architectural modeling and verification
by: WONG, Stephen, et al.
Published: (2008)

Resource constrained deep reinforcement learning
by: BHATIA, Abhinav, et al.
Published: (2019)

Complexity of the soundness problem of workflow nets
by: LIU, Guan Jun, et al.
Published: (2014)

CELL: A compositional verification framework
by: JI, Kun, et al.
Published: (2013)

Using monterey phoenix to formalize and verify system architectures
by: ZHANG, Jiexin, et al.
Published: (2012)

Model checking approach to automated planning
by: LI, Yi, et al.
Published: (2014)

Omnidirectional coverage for device-free passive human detection
by: ZHOU, Zimu, et al.
Published: (2013)

Automatic code review by learning the revision of source code
by: SHI, Shu-Ting, et al.
Published: (2019)

A verification system for interval-based specification languages
by: CHEN, Chunqing, et al.
Published: (2010)

Retrieval-augmented generation for code summarization via hybrid GNN
by: LIU, Shangqing, et al.
Published: (2021)

Towards using concurrent Java API correctly
by: LIU, Shuang, et al.
Published: (2016)

Scaling BDD-based timed verification with simulation reduction
by: NGUYEN, Truong Khanh, et al.
Published: (2016)

Diamonds are a girl's best friend: Partial order reduction for timed automata with abstractions
by: HANSEN, Henri, et al.
Published: (2014)

Multiagent decision making and learning in urban environments
by: KUMAR, Akshat
Published: (2019)

Towards LLM-based fact verification on news claims with a hierarchical step-by-step prompting method
by: ZHANG, Xuan, et al.
Published: (2023)

Encoding version history context for better code representation
by: NGUYEN, Huy, et al.
Published: (2024)

A case study on automated fuzz target generation for large codebases
by: KELLY, Matthew, et al.
Published: (2019)

Large language model for vulnerability detection: Emerging results and future directions
by: ZHOU, Xin, et al.
Published: (2024)

Parallel programming - A critique
by: Yuen, C.K.
Published: (2014)