{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T19:11:37Z","timestamp":1725909097674},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319569901"},{"type":"electronic","value":"9783319569918"}],"license":[{"start":{"date-parts":[[2017,8,23]],"date-time":"2017-08-23T00:00:00Z","timestamp":1503446400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-56991-8_53","type":"book-chapter","created":{"date-parts":[[2017,8,22]],"date-time":"2017-08-22T03:57:16Z","timestamp":1503374236000},"page":"738-754","source":"Crossref","is-referenced-by-count":0,"title":["Effective Solutions for Most Common Vulnerabilities in Web Applications"],"prefix":"10.1007","author":[{"given":"Moudhi","family":"Aljamea","sequence":"first","affiliation":[]},{"given":"Costas S.","family":"Iliopoulos","sequence":"additional","affiliation":[]},{"given":"M.","family":"Samiruzzaman","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,23]]},"reference":[{"key":"53_CR1","unstructured":"Introduction to client side web scripting. http:\/\/einstein.etsu.edu\/~pittares\/podcast\/slides\/Fall2009\/01-Introduction20to%20Client-Side%20Web%20Scripting-Student%20Version.pdf"},{"key":"53_CR2","unstructured":"Setting up secure cookies. https:\/\/msdn.microsoft.com\/en-us\/library\/ms228262(v=VS.80).aspx"},{"key":"53_CR3","doi-asserted-by":"crossref","unstructured":"Antunes, N., Vieira, M.: Benchmarking vulnerability detection tools for web services. In: 2010 IEEE International Conference on Web Services (ICWS), pp. 203\u2013210. IEEE (2010)","DOI":"10.1109\/ICWS.2010.76"},{"key":"53_CR4","doi-asserted-by":"crossref","unstructured":"Boyd, S.W., Keromytis, A.D.: SQLrand: preventing SQL injection attacks. In: Applied Cryptography and Network Security, pp. 292\u2013302. Springer (2004)","DOI":"10.1007\/978-3-540-24852-1_21"},{"key":"53_CR5","unstructured":"CWE\/SANS: Cwe\/sans top 25 most dangerous software errors (2011). http:\/\/cwe.mitre.org\/top25\/archive\/2011\/2011_cwe_sans_top25.pdf"},{"key":"53_CR6","doi-asserted-by":"crossref","unstructured":"Di Lucca, G.A., Fasolino, A.R., Mastoianni, M., Tramontana, P.: Identifying cross site scripting vulnerabilities in web applications. In: 26th Annual International Telecommunications Energy Conference, INTELEC 2004, pp. 71\u201380. IEEE (2004)","DOI":"10.1109\/WSE.2004.10013"},{"key":"53_CR7","doi-asserted-by":"crossref","unstructured":"Gupta, S., Gupta, B.: Cross-site scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. Int. J. Syst. Assur. Eng. Manag. 1\u201319 (2015)","DOI":"10.1007\/s13198-015-0376-0"},{"key":"53_CR8","unstructured":"Halfond, W., Viegas, J., Orso, A.: A classification of SQL-injection attacks and countermeasures. In: Proceedings of the IEEE International Symposium on Secure Software Engineering, vol. 1, pp. 13\u201315. IEEE (2006)"},{"key":"53_CR9","doi-asserted-by":"crossref","first-page":"170","DOI":"10.1016\/j.infsof.2014.07.010","volume":"58","author":"I Hydara","year":"2015","unstructured":"Hydara, I., Sultan, A.B.M., Zulzalil, H., Admodisastro, N.: Current state of research on cross-site scripting (XSS)-a systematic literature review. Inf. Softw. Technol. 58, 170\u2013186 (2015)","journal-title":"Inf. Softw. Technol."},{"key":"53_CR10","doi-asserted-by":"crossref","unstructured":"Hydara, I., Sultan, A.B.M., Zulzalil, H., Admodisastro, N.: Current state of research on cross-site scripting (XSS)\u2013a systematic literature review. Inf. Softw. Technol. 58, 170\u2013186 (2015)","DOI":"10.1016\/j.infsof.2014.07.010"},{"key":"53_CR11","unstructured":"K\u00e4fer, K.: Cross site request forgery (2008)"},{"key":"53_CR12","doi-asserted-by":"crossref","unstructured":"Khan, N., Abdullah, J., Khan, A.S.: Towards vulnerability prevention model for web browser using interceptor approach. In: 2015 9th International Conference on IT in Asia (CITA), pp. 1\u20135. IEEE (2015)","DOI":"10.1109\/CITA.2015.7349842"},{"key":"53_CR13","unstructured":"OWASP: Owasp top 10\u20132013 the ten most critical web application security risks (2013). https:\/\/www.owasp.org\/index.php\/Top10#tab=OWASP_Top_10_for_2013"},{"key":"53_CR14","unstructured":"OWASP: Cross-site request forgery (CSRF) prevention cheatsheet (2015). https:\/\/www.owasp.org\/index.php\/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet"},{"key":"53_CR15","unstructured":"Samiruzzaman, M.: Vulnerability fix example in vbscript and javascript. http:\/\/samirsoftware.com\/code.pdf"},{"key":"53_CR16","unstructured":"Inglesant, P., Sasse, M.A.: The true cost of unusable password policies:password use in the wild. https:\/\/www.cl.cam.ac.uk\/~rja14\/shb10\/angela2.pdf"},{"key":"53_CR17","doi-asserted-by":"crossref","unstructured":"Shahriar, H., Zulkernine, M.: Client-side detection of cross-site request forgery attacks. In: 2010 IEEE 21st International Symposium on Software Reliability Engineering (ISSRE), pp. 358\u2013367. IEEE (2010)","DOI":"10.1109\/ISSRE.2010.12"},{"key":"53_CR18","doi-asserted-by":"crossref","unstructured":"Siddiqui, M.S., Verma, D.: Cross site request forgery: a common web application weakness. In: 2011 IEEE 3rd International Conference on Communication Software and Networks (ICCSN), pp. 538\u2013543. IEEE (2011)","DOI":"10.1109\/ICCSN.2011.6014783"},{"key":"53_CR19","unstructured":"Microsoft TechNet: SQL injection. https:\/\/technet.microsoft.com\/en-us\/library\/ms161953(v=SQL.105).aspx"},{"key":"53_CR20","unstructured":"WhiteHat: Whitehat security statistics report 2015 (2015). https:\/\/www.whitehatsec.com\/statistics-report\/featured\/2015\/05\/21\/statsreport.html"}],"container-title":["Lecture Notes in Networks and Systems","Proceedings of SAI Intelligent Systems Conference (IntelliSys) 2016"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-56991-8_53","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,2]],"date-time":"2019-10-02T17:04:29Z","timestamp":1570035869000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-56991-8_53"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,23]]},"ISBN":["9783319569901","9783319569918"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-56991-8_53","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"type":"print","value":"2367-3370"},{"type":"electronic","value":"2367-3389"}],"subject":[],"published":{"date-parts":[[2017,8,23]]}}}