1. home
  2. trasparenza
  3. open fp7
  4. xhunter

XHUNTER

XHUNTER: Tracking XSS on the Net

 Coordinatore FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS 

 Organization address address: N PLASTIRA STR 100
city: HERAKLION
postcode: 70013

contact info
Titolo: Prof.
Nome: Evangelos
Cognome: Markatos
Email: send email
Telefono: +30 2810391655
Fax: +30 2810 391493
 Nazionalità Coordinatore Greece [EL]
 Totale costo 219˙392 €
 EC contributo 219˙392 €
 Programma FP7-PEOPLE
Specific programme "People" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013)
 Code Call FP7-PEOPLE-2010-IOF
 Funding Scheme MC-IOF
 Anno di inizio 2011
 Periodo (anno-mese-giorno) 2011-11-01   -   2014-10-31

 Partecipanti

# participant  country  role  EC contrib. [€] 
1    FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS

 Organization address address: N PLASTIRA STR 100
city: HERAKLION
postcode: 70013

contact info
Titolo: Prof.
Nome: Evangelos
Cognome: Markatos
Email: send email
Telefono: +30 2810391655
Fax: +30 2810 391493

 EL (HERAKLION) coordinator 219˙392.80

Mappa


 Word cloud

Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.

syntax    valid    site    urls    vulnerabilities    attempts    scripting    javascript    web    applications    tree    network    attacks    xss    cross    injection   

 Obiettivo del progetto (Objective)

'Code-injection attacks through Cross-Site Scripting (XSS) in the web browser have observed a significant increase over the previous years. According to a September-2009 report published by the SANS Institute, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Web application vulnerabilities such as SQL injection and Cross-Site Scripting flaws in open-source as well as custom-built applications account for more than 80% of the vulnerabilities being discovered. In this project we propose the design and development of a prototype that can inspect passively the network for extracting URLs that can potentially exploit a web application, through XSS. The detector assumes that all URLs that contain parts that can produce a valid JavaScript syntax tree are considered suspicious. We will develop tools that identify text fragments of URLs, exchanged in the network, that produce a valid JavaScript syntax-tree of high depth. These URLs are considered as possible XSS exploitation attempts.'

Altri progetti dello stesso programma (FP7-PEOPLE)

SIMULAQI (2007)

Development of ab initio based classical interaction potentials for the study of the structure and dynamics of aqueous solutions and interfaces

Read More  

DIFFUSE BARYONS (2010)

Diffuse Baryons in Space

Read More  

DIGITAL DUETS (2015)

DIGITAL Devices for mUltimodal Expression Through vocal Synthesis

Read More