Design and development of Anti-XSS proxy

Abstract

Cross-Site Scripting (XSS) vulnerability allows an attacker to inject arbitrary JavaScript code that can be executed in the victim's browser and cause security breaches. The discovery of XSS is still widespread among today's web applications. As a result, there is a need to improve existing solutions or develop novel attack detection techniques. This paper proposes a proxy-level design and development of XSS attack detection approach (Anti-XSS) based on Kullback-Leibler Divergence (KLD) measure. The proposed approach has been applied for a number of open-source PHP web applications containing XSS vulnerabilities. The initial results show that the approach can effectively detect XSS attacks while displaying a low false positive rate depending on the choice of threshold values of KLD.