japaneseenglish

projects

Concluded Working Groups


Cross-Site Scripting WG (xss)

  • Theme:This working group discusses varies of solutions on Cross-Site Scripting vulnerability.
  • Chair:Omar Ismail, Masashi Eto
  • Area:Area 3. Security
  • Started:2003/05/26
  • Expire Date:2004/08/13

Achievements:

The mission of this working group is to develop and discuss approaches that protect browser users from XSS (cross side vulnerabilities) attacks. This WG has successfully proposed and implemented an approach to not only detect XSS vulnerable Web servers and client side XSS attacks but also provide protection to browser users. By testing the approach in WIDE camp's network environment, it proved that the system is very effective on detecting XSS vulnerabilities and XSS attacks. Also, through BoF discussion, the WG received very valuable advices on the topics of XSS. As a result, this WG has published a conference paper and a WIDE project report documentation which are listed below.

Conference paper:

Omar Ismail, Masashi Eto, Youki Kadobayashi, Suguru Yamaguchi. "A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability". In the 18th International Conference on Advanced Information Networking and Applications (Fukuoka Japan, March 2004).

WIDE project report:

XSS Working Group.
" A Defense Approach for Cross-Site Scripting Attacks".
WIDE Project Report 2003, pp.237-247

  • NSPIXPリンク
  • SOIリンク
  • AIIIリンク
WIDE Award