#	Pagina
attuale pagina	/open-fp7/projects/99616/index.html
-1	/open-h2020/projects/200820/index.html
-2	/open-fp7/projects/187789/index.html
-3	/open-fp7/projects/104423/index.html
-4	/open-fp7/projects/85364/index.html
-5	/open-fp7/projects/98321/index.html
-6	/open-h2020/per-programme/h2020-eu.3.2.5.2./index.html
-7	/open-fp7/projects/89904/index.html
-8	/open-fp7/projects/94253/index.html
-9	/open-h2020/projects/201681/index.html
-10	/open-fp7/projects/92810/index.html

XHUNTER

XHUNTER: Tracking XSS on the Net

Coordinatore	FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS Organization address address: N PLASTIRA STR 100 city: HERAKLION postcode: 70013 contact info Titolo: Prof. Nome: Evangelos Cognome: Markatos Email: send email Telefono: +30 2810391655 Fax: +30 2810 391493
Nazionalità Coordinatore	Greece [EL]
Totale costo	219˙392 €
EC contributo	219˙392 €
Programma	FP7-PEOPLE Specific programme "People" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013)
Code Call	FP7-PEOPLE-2010-IOF
Funding Scheme	MC-IOF
Anno di inizio	2011
Periodo (anno-mese-giorno)	2011-11-01 - 2014-10-31

Partecipanti

#	participant	country	role	EC contrib. [€]
1	FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS Organization address address: N PLASTIRA STR 100 city: HERAKLION postcode: 70013 contact info Titolo: Prof. Nome: Evangelos Cognome: Markatos Email: send email Telefono: +30 2810391655 Fax: +30 2810 391493	EL (HERAKLION)	coordinator	219˙392.80

Mappa

Word cloud

Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.

valid site scripting xss web javascript injection attempts network cross syntax tree vulnerabilities applications attacks urls

Obiettivo del progetto (Objective)

'Code-injection attacks through Cross-Site Scripting (XSS) in the web browser have observed a significant increase over the previous years. According to a September-2009 report published by the SANS Institute, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Web application vulnerabilities such as SQL injection and Cross-Site Scripting flaws in open-source as well as custom-built applications account for more than 80% of the vulnerabilities being discovered. In this project we propose the design and development of a prototype that can inspect passively the network for extracting URLs that can potentially exploit a web application, through XSS. The detector assumes that all URLs that contain parts that can produce a valid JavaScript syntax tree are considered suspicious. We will develop tools that identify text fragments of URLs, exchanged in the network, that produce a valid JavaScript syntax-tree of high depth. These URLs are considered as possible XSS exploitation attempts.'

Altri progetti dello stesso programma (FP7-PEOPLE)