Title: BOSF: BY-OWNER SCRIPT FILTERING

Year of Publication: 2013
Page Numbers: 26-30
Authors: Jungtae Kim, Kyoung-Soo Han, Biao Jiang, Eul Gyu Im
Conference Name: The Third International Conference on Digital Information Processing and Communications (ICDIPC2013)
- United Arab Emirates

Abstract:


Cross-Site Scripting (XSS) attacks are one of the most prevalent security threats all over the world. Although various defense methods have been proposed, most of them lack usability. Motivated by this reason, we present a location-based solution, called By-Owner Script Filtering (BOSF), which determines whether a script on a webpage can be executed or not using either the rules defined in the webpage or the information fetched from our database based on the ownership. BOSF is effective against various XSS attacks with minimal performance overheads, and more importantly, it places little requirements on developers and users.