{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T03:50:22Z","timestamp":1760586622244},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642315398"},{"type":"electronic","value":"9783642315404"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-31540-4_17","type":"book-chapter","created":{"date-parts":[[2012,6,25]],"date-time":"2012-06-25T13:18:03Z","timestamp":1340630283000},"page":"223-238","source":"Crossref","is-referenced-by-count":7,"title":["XSS-Dec: A Hybrid Solution to Mitigate Cross-Site Scripting Attacks"],"prefix":"10.1007","author":[{"given":"Smitha","family":"Sundareswaran","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anna Cinzia","family":"Squicciarini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"17_CR1","unstructured":"Appshield, Sanctum Inc. (2004)"},{"key":"17_CR2","unstructured":"Security focus-bugtraq (2010), \n                    \n                      http:\/\/www.securityfocus.com\/archive\/1"},{"key":"17_CR3","doi-asserted-by":"crossref","unstructured":"Bates, D., Barth, A., Jackson, C.: Regular expressions considered harmful in client-side XSS filters. In: 19th International Conference on World Wide Web, WWW 2010, pp. 91\u2013100. ACM (2010)","DOI":"10.1145\/1772690.1772701"},{"key":"17_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1007\/978-3-540-70542-0_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"P. Bisht","year":"2008","unstructured":"Bisht, P., Venkatakrishnan, V.N.: XSS-GUARD: Precise Dynamic Prevention of Cross-Site Scripting Attacks. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol.\u00a05137, pp. 23\u201343. Springer, Heidelberg (2008)"},{"key":"17_CR5","unstructured":"Bonfante, G., Kaczmarek, M., Marion, J.-Y.: Control Flow Graphs as Malware Signatures. In: International Workshop on the Theory of Computer Viruses, TCV 2007, Nancy, France (2007)"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Chen, S., Meseguer, J., Sasse, R., Wang, H.J., Wang, Y.-M.: A systematic approach to uncover security flaws in gui logic. In: IEEE Symposium on Security and Privacy, pp. 71\u201385. IEEE Computer Society (2007)","DOI":"10.1109\/SP.2007.6"},{"key":"17_CR7","unstructured":"ComputerWeekly.com. Hackers broaden reach of cross-site scripting attacks (2007)"},{"key":"17_CR8","unstructured":"Cook, S.: A Web developer\u2019s guide to cross-site scripting. t. r, SANS institute (2003)"},{"key":"17_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-540-74320-0_4","volume-title":"Recent Advances in Intrusion Detection","author":"M. Cova","year":"2007","unstructured":"Cova, M., Balzarotti, D., Felmetsger, V., Vigna, G.: Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol.\u00a04637, pp. 63\u201386. Springer, Heidelberg (2007)"},{"key":"17_CR10","unstructured":"Earl, C., Might, M., Horn, D.V.: Pushdown control-flow analysis of higher-order programs. In: The 2010 Workshop on Scheme and Functional Programming (2010)"},{"key":"17_CR11","unstructured":"Gundy, M.V., Chen, H.: Noncespaces: Using randomization to enforce information flow tracking and thwart cross-site scripting attacks. In: Annual Network & Distributed System Security Symposium (2009)"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Jovanovic, N., Kruegel, C., Kirda, E.: Pixy: A static analysis tool for detecting web application vulnerabilities. In: IEEE Symposium on Security and Privacy, pp. 258\u2013263. IEEE Computer Society (2006)","DOI":"10.1109\/SP.2006.29"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Kirda, E., Kruegel, C., Vigna, G., Jovanovic, N.: Noxes: a client-side solution for mitigating cross-site scripting attacks. In: 2006 ACM Symposium on Applied Computing, SAC 2006, pp. 330\u2013337. ACM (2006)","DOI":"10.1145\/1141277.1141357"},{"key":"17_CR14","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1007\/s10207-003-0026-4","volume":"2","author":"J.L. Munoz","year":"2004","unstructured":"Munoz, J.L., Forne, J., Esparza, O., Soriano, M.: Certificate revocation system implementation based on the merkle hash tree. International Journal of Information Security\u00a02, 110\u2013124 (2004), 10.1007\/s10207-003-0026-4","journal-title":"International Journal of Information Security"},{"key":"17_CR15","unstructured":"OWASP. Top 10 2010 - the open web application security project (2007), \n                    \n                      http:\/\/www.owasp.org"},{"key":"17_CR16","unstructured":"OWASP. DOM based XSS (2011), \n                    \n                      https:\/\/www.owasp.org\/index.php\/DOM_Based_XSS"},{"key":"17_CR17","unstructured":"Raman, P.: JaSpin: JavaScript Based Anomaly Detection of Cross-Site Scripting Attacks. Master\u2019s thesis, Carleton University, Ottawa, Ontario (2008)"},{"key":"17_CR18","unstructured":"Schwartz, N.: Steering clear of triples: Deriving the control flow graph directly from the Abstract Syntax Tree in C programs. Technical report, New York, NY, USA (1998)"},{"key":"17_CR19","doi-asserted-by":"crossref","unstructured":"Scott, D., Sharp, R.: Abstracting application-level web security. In: Proceedings of the 11th International Conference on World Wide Web, pp. 396\u2013407. ACM (2002)","DOI":"10.1145\/511446.511498"},{"key":"17_CR20","unstructured":"SpiderLabs. Analysis of lizamoon: Stored XSS via SQL injection (2011), \n                    \n                      http:\/\/blog.spiderlabs.com\/2011\/04\/analysis-of-lizamoon-stored-xss-via-sql-injection.html"},{"key":"17_CR21","series-title":"LNICST","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1007\/978-3-642-16161-2_12","volume-title":"Security and Privacy in Communication Networks","author":"S. Sundareswaran","year":"2010","unstructured":"Sundareswaran, S., Squicciarini, A.C.: DeCore: Detecting Content Repurposing Attacks on Clients\u2019 Systems. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol.\u00a050, pp. 199\u2013216. Springer, Heidelberg (2010)"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Wassermann, G., Su, Z.: Static detection of cross-site scripting vulnerabilities. In: 30th International Conference on Software Engineering, pp. 171\u2013180. ACM (2008)","DOI":"10.1145\/1368088.1368112"},{"key":"17_CR23","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1109\/IWSESS.2009.5068456","volume-title":"Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, IWSESS 2009","author":"P. Wurzinger","year":"2009","unstructured":"Wurzinger, P., Platzer, C., Ludl, C., Kirda, E., Kruegel, C.: Swap: Mitigating XSS attacks using a reverse proxy. In: Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, IWSESS 2009, pp. 33\u201339. IEEE Computer Society, Washington, DC (2009)"}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security and Privacy XXVI"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-31540-4_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,3]],"date-time":"2019-05-03T13:37:17Z","timestamp":1556890637000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-31540-4_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642315398","9783642315404"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-31540-4_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}