XHUNTER

XHUNTER: Tracking XSS on the Net

 Coordinatore FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS 

 Organization address address: N PLASTIRA STR 100
city: HERAKLION
postcode: 70013

contact info
Titolo: Prof.
Nome: Evangelos
Cognome: Markatos
Email: send email
Telefono: +30 2810391655
Fax: +30 2810 391493

 Nazionalità Coordinatore Greece [EL]
 Totale costo 219˙392 €
 EC contributo 219˙392 €
 Programma FP7-PEOPLE
Specific programme "People" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013)
 Code Call FP7-PEOPLE-2010-IOF
 Funding Scheme MC-IOF
 Anno di inizio 2011
 Periodo (anno-mese-giorno) 2011-11-01   -   2014-10-31

 Partecipanti

# participant  country  role  EC contrib. [€] 
1    FOUNDATION FOR RESEARCH AND TECHNOLOGY HELLAS

 Organization address address: N PLASTIRA STR 100
city: HERAKLION
postcode: 70013

contact info
Titolo: Prof.
Nome: Evangelos
Cognome: Markatos
Email: send email
Telefono: +30 2810391655
Fax: +30 2810 391493

EL (HERAKLION) coordinator 219˙392.80

Mappa


 Word cloud

Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.

valid    site    scripting    xss    web    javascript    injection    attempts    network    cross    syntax    tree    vulnerabilities    applications    attacks    urls   

 Obiettivo del progetto (Objective)

'Code-injection attacks through Cross-Site Scripting (XSS) in the web browser have observed a significant increase over the previous years. According to a September-2009 report published by the SANS Institute, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Web application vulnerabilities such as SQL injection and Cross-Site Scripting flaws in open-source as well as custom-built applications account for more than 80% of the vulnerabilities being discovered. In this project we propose the design and development of a prototype that can inspect passively the network for extracting URLs that can potentially exploit a web application, through XSS. The detector assumes that all URLs that contain parts that can produce a valid JavaScript syntax tree are considered suspicious. We will develop tools that identify text fragments of URLs, exchanged in the network, that produce a valid JavaScript syntax-tree of high depth. These URLs are considered as possible XSS exploitation attempts.'

Altri progetti dello stesso programma (FP7-PEOPLE)

AGEING SKELETON (2011)

"LINKING AGEING, DIET AND SKELETAL DEGENERATION: ROLE OF LONGEVITY-GENE SIRT1 IN THE MAINTENANCE OF MUSCULOSKELETAL INTEGRITY WITH AGE"

Read More  

HIGH-Z BLACK HOLES (2009)

The mass and growth of (obscured) black holes and their host galaxies since the Universe was young

Read More  

ETAM (2013)

A Mathematical Study of Electronic Transport in Aperiodic Media

Read More