A taxonomy of XSS attack detections in mobile environments based on automation capabilities

Alexander Boyett; Atef Shalan; Hossain Shahriar; Muhammad Asadur Rahman

doi:10.1109/COMPSAC51774.2021.00188

A taxonomy of XSS attack detections in mobile environments based on automation capabilities

Alexander Boyett, Atef Shalan, Hossain Shahriar, Muhammad Asadur Rahman

Information Technology

Research output: Contribution to book or proceeding › Conference article › peer-review

Abstract

HTML and JavaScript have become the go-to languages for many developers making apps for multiple smartphone operating systems.HTML provides developers with a way to make a universal framework to build cross-platform apps. This convenience does not come without risk, however. Being HTML-based, these apps are susceptible to Cross-Site Scripting (XSS). In this paper, we break down what a cross-site scripting attack is, how it works, and the security risks that come with it. We also investigate several different methods used to detect and path code with vulnerability.

Original language	English
Title of host publication	Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021
Editors	W. K. Chan, Bill Claycomb, Hiroki Takakura, Ji-Jiang Yang, Yuuichi Teranishi, Dave Towey, Sergio Segura, Hossain Shahriar, Sorel Reisman, Sheikh Iqbal Ahamed
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1339-1344
Number of pages	6
ISBN (Electronic)	9781665424639
DOIs	https://doi.org/10.1109/COMPSAC51774.2021.00188
State	Published - Jul 2021
Event	45th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2021 - Virtual, Online, Spain Duration: Jul 12 2021 → Jul 16 2021

Publication series

Name	Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021

Conference

Conference	45th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2021
Country/Territory	Spain
City	Virtual, Online
Period	07/12/21 → 07/16/21

Scopus Subject Areas

Artificial Intelligence
Computer Science Applications
Software

Keywords

Android system
Mobile applications
Secure software
XSS

Access to Document

10.1109/COMPSAC51774.2021.00188

Cite this

Boyett, A., Shalan, A., Shahriar, H., & Rahman, M. A. (2021). A taxonomy of XSS attack detections in mobile environments based on automation capabilities. In W. K. Chan, B. Claycomb, H. Takakura, J.-J. Yang, Y. Teranishi, D. Towey, S. Segura, H. Shahriar, S. Reisman, & S. I. Ahamed (Eds.), Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021 (pp. 1339-1344). (Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/COMPSAC51774.2021.00188

Boyett, Alexander ; Shalan, Atef ; Shahriar, Hossain et al. / A taxonomy of XSS attack detections in mobile environments based on automation capabilities. Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021. editor / W. K. Chan ; Bill Claycomb ; Hiroki Takakura ; Ji-Jiang Yang ; Yuuichi Teranishi ; Dave Towey ; Sergio Segura ; Hossain Shahriar ; Sorel Reisman ; Sheikh Iqbal Ahamed. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 1339-1344 (Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021).

@inproceedings{377173a91d7b4c7a9ad0b84b8618b166,

title = "A taxonomy of XSS attack detections in mobile environments based on automation capabilities",

abstract = "HTML and JavaScript have become the go-to languages for many developers making apps for multiple smartphone operating systems.HTML provides developers with a way to make a universal framework to build cross-platform apps. This convenience does not come without risk, however. Being HTML-based, these apps are susceptible to Cross-Site Scripting (XSS). In this paper, we break down what a cross-site scripting attack is, how it works, and the security risks that come with it. We also investigate several different methods used to detect and path code with vulnerability.",

keywords = "Android system, Mobile applications, Secure software, XSS",

author = "Alexander Boyett and Atef Shalan and Hossain Shahriar and Rahman, {Muhammad Asadur}",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 45th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2021 ; Conference date: 12-07-2021 Through 16-07-2021",

year = "2021",

month = jul,

doi = "10.1109/COMPSAC51774.2021.00188",

language = "English",

series = "Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1339--1344",

editor = "Chan, {W. K.} and Bill Claycomb and Hiroki Takakura and Ji-Jiang Yang and Yuuichi Teranishi and Dave Towey and Sergio Segura and Hossain Shahriar and Sorel Reisman and Ahamed, {Sheikh Iqbal}",

booktitle = "Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021",

address = "United States",

}

Boyett, A, Shalan, A, Shahriar, H & Rahman, MA 2021, A taxonomy of XSS attack detections in mobile environments based on automation capabilities. in WK Chan, B Claycomb, H Takakura, J-J Yang, Y Teranishi, D Towey, S Segura, H Shahriar, S Reisman & SI Ahamed (eds), Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021. Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021, Institute of Electrical and Electronics Engineers Inc., pp. 1339-1344, 45th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2021, Virtual, Online, Spain, 07/12/21. https://doi.org/10.1109/COMPSAC51774.2021.00188

A taxonomy of XSS attack detections in mobile environments based on automation capabilities. / Boyett, Alexander; Shalan, Atef; Shahriar, Hossain et al.
Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021. ed. / W. K. Chan; Bill Claycomb; Hiroki Takakura; Ji-Jiang Yang; Yuuichi Teranishi; Dave Towey; Sergio Segura; Hossain Shahriar; Sorel Reisman; Sheikh Iqbal Ahamed. Institute of Electrical and Electronics Engineers Inc., 2021. p. 1339-1344 (Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021).

Research output: Contribution to book or proceeding › Conference article › peer-review

TY - GEN

T1 - A taxonomy of XSS attack detections in mobile environments based on automation capabilities

AU - Boyett, Alexander

AU - Shalan, Atef

AU - Shahriar, Hossain

AU - Rahman, Muhammad Asadur

PY - 2021/7

Y1 - 2021/7

N2 - HTML and JavaScript have become the go-to languages for many developers making apps for multiple smartphone operating systems.HTML provides developers with a way to make a universal framework to build cross-platform apps. This convenience does not come without risk, however. Being HTML-based, these apps are susceptible to Cross-Site Scripting (XSS). In this paper, we break down what a cross-site scripting attack is, how it works, and the security risks that come with it. We also investigate several different methods used to detect and path code with vulnerability.

AB - HTML and JavaScript have become the go-to languages for many developers making apps for multiple smartphone operating systems.HTML provides developers with a way to make a universal framework to build cross-platform apps. This convenience does not come without risk, however. Being HTML-based, these apps are susceptible to Cross-Site Scripting (XSS). In this paper, we break down what a cross-site scripting attack is, how it works, and the security risks that come with it. We also investigate several different methods used to detect and path code with vulnerability.

KW - Android system

KW - Mobile applications

KW - Secure software

KW - XSS

UR - http://www.scopus.com/inward/record.url?scp=85115833458&partnerID=8YFLogxK

U2 - 10.1109/COMPSAC51774.2021.00188

DO - 10.1109/COMPSAC51774.2021.00188

M3 - Conference article

AN - SCOPUS:85115833458

T3 - Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021

SP - 1339

EP - 1344

BT - Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021

A2 - Chan, W. K.

A2 - Claycomb, Bill

A2 - Takakura, Hiroki

A2 - Yang, Ji-Jiang

A2 - Teranishi, Yuuichi

A2 - Towey, Dave

A2 - Segura, Sergio

A2 - Shahriar, Hossain

A2 - Reisman, Sorel

A2 - Ahamed, Sheikh Iqbal

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 45th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2021

Y2 - 12 July 2021 through 16 July 2021

ER -

Boyett A, Shalan A, Shahriar H, Rahman MA. A taxonomy of XSS attack detections in mobile environments based on automation capabilities. In Chan WK, Claycomb B, Takakura H, Yang JJ, Teranishi Y, Towey D, Segura S, Shahriar H, Reisman S, Ahamed SI, editors, Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 1339-1344. (Proceedings - 2021 IEEE 45th Annual Computers, Software, and Applications Conference, COMPSAC 2021). doi: 10.1109/COMPSAC51774.2021.00188

A taxonomy of XSS attack detections in mobile environments based on automation capabilities

Abstract

Publication series

Conference

Scopus Subject Areas

Keywords

Access to Document

Other files and links

Fingerprint

Cite this