Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Prof. Kyung-Goo Doh | - |
dc.contributor.author | 사하수만 | - |
dc.date.accessioned | 2020-04-01T16:32:25Z | - |
dc.date.available | 2020-04-01T16:32:25Z | - |
dc.date.issued | 2010-02 | - |
dc.identifier.uri | https://repository.hanyang.ac.kr/handle/20.500.11754/141985 | - |
dc.identifier.uri | http://hanyang.dcollection.net/common/orgView/200000413286 | en_US |
dc.description.abstract | A malicious hacker may inject untrustworthy payload in a dynamically generated page intentionally. If a web server does not adequately sanitize the input data, the inadvertent execution of client-side scripts injected by malicious users creates security problems. DOM-based Cross-site Scripting (XSS) is a type of XSS that creates such types of security problems in client side. This thesis presents a static taint analysis for detecting DOM-based XSS holes from dynamically generated error pages, which directly addresses the absence of built-in filter function. We provided an experimental study that sheds light on the DOM-based XSS holes present in web applications and reveals the severity of this type of XSS in the web world. Moreover, we survey all the techniques that have been used to detect XSS and arrange a number of analyses to evaluate performances of those methodologies. This thesis also points out major difficulties to detect XSS. | - |
dc.publisher | 한양대학교 | - |
dc.title | Static Analysis of DOM-based Cross-Site Scripting | - |
dc.type | Theses | - |
dc.contributor.googleauthor | 사하수만 | - |
dc.sector.campus | S | - |
dc.sector.daehak | 대학원 | - |
dc.sector.department | 컴퓨터공학과 | - |
dc.description.degree | Master | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.