{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T07:41:33Z","timestamp":1740123693399,"version":"3.37.3"},"reference-count":27,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2022,10,24]],"date-time":"2022-10-24T00:00:00Z","timestamp":1666569600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,10,24]],"date-time":"2022-10-24T00:00:00Z","timestamp":1666569600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Mobile Netw Appl"],"published-print":{"date-parts":[[2023,8]]},"DOI":"10.1007\/s11036-022-02052-z","type":"journal-article","created":{"date-parts":[[2022,10,24]],"date-time":"2022-10-24T05:03:18Z","timestamp":1666587798000},"page":"1306-1318","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Defining Cross-Site Scripting Attack Resilience Guidelines Based on BeEF Framework Simulation"],"prefix":"10.1007","volume":"28","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3728-6711","authenticated-orcid":false,"given":"Ivan","family":"Cviti\u0107","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0476-9373","authenticated-orcid":false,"given":"Dragan","family":"Perakovi\u0107","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1775-0735","authenticated-orcid":false,"given":"Marko","family":"Peri\u0161a","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dominik","family":"Sever","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,10,24]]},"reference":[{"key":"2052_CR1","doi-asserted-by":"publisher","unstructured":"Cvitic I, Perakovic D, Perisa M, Botica M (2020) Definition of the IoT device classes based on network traffic flow features. In: L. K, M. B, D. P, M. P (eds) EAI\/Springer Innovations in Communication and Computing. Springer, Cham, p 1\u201317. Available from http:\/\/link.springer.com\/https:\/\/doi.org\/10.1007\/978-3-030-34272-2_1","DOI":"10.1007\/978-3-030-34272-2_1"},{"key":"2052_CR2","doi-asserted-by":"crossref","unstructured":"Perakovi\u0107 D, Peri\u0161a M, Cviti\u0107 I, Zori\u0107 P (2020) Information and Communication Technologies for the Society 5.0 Environment. In: XXXVIII Simpozijum o novim tehnologijama u po\u0161tanskom i telekomunikacionom saobra\u0107aju \u2013 POSTEL 2020.\u00a0 University of Belgrade, Faculty of Transport and Traffic Engineering,\u00a0Belgrade, p 203\u201312. Available from https:\/\/ebooks.sf.bg.ac.rs\/index.php\/FTTE\/catalog\/view\/15\/45\/139-1","DOI":"10.37528\/FTTE\/9788673954318\/POSTEL.2020.020"},{"key":"2052_CR3","doi-asserted-by":"publisher","unstructured":"So\u0142tysik-Piorunkiewicz A, Krysiak M (2020) The cyber threats analysis for web applications security in industry 4.0. In: Studies in Computational Intelligence. p 127\u201341. Available from http:\/\/link.springer.com\/https:\/\/doi.org\/10.1007\/978-3-030-40417-8_8","DOI":"10.1007\/978-3-030-40417-8_8"},{"key":"2052_CR4","doi-asserted-by":"crossref","unstructured":"Gupta BB, Tewari A, Cviti\u0107 I, Perakovi\u0107 D, Chang X (2022) Artificial intelligence empowered emails classifier for internet of things based systems in industry 4.0. Wirel Netw 28(1):493\u2013503. Available from https:\/\/link.springer.com\/10.1007\/s11276-021-02619-w","DOI":"10.1007\/s11276-021-02619-w"},{"key":"2052_CR5","doi-asserted-by":"crossref","unstructured":"Cviti\u0107 I, Perakovi\u0107 D, Peri\u0161a M, Husnjak S (2019) An overview of distributed denial of service traffic detection approaches. PROMET - Traffic&Transportation 31(4):453\u201364. Available from https:\/\/traffic.fpz.hr\/index.php\/PROMTT\/article\/view\/3082","DOI":"10.7307\/ptt.v31i4.3082"},{"issue":"4","key":"2052_CR6","doi-asserted-by":"publisher","first-page":"85","DOI":"10.4018\/JOEUC.2020100105","volume":"32","author":"BB Gupta","year":"2020","unstructured":"Gupta BB, Chaudhary P, Gupta S (2020) Designing a XSS defensive framework for web servers deployed in the existing smart city infrastructure. J Organ End User Comput 32(4):85\u2013111","journal-title":"J Organ End User Comput"},{"key":"2052_CR7","doi-asserted-by":"crossref","unstructured":"Yusof I, Pathan A-SK (2014) Preventing persistent Cross-Site Scripting (XSS) attack by applying pattern filtering approach. In: The 5th International Conference on Information and Communication Technology for The Muslim World (ICT4M). IEEE, p 1\u20136. Available from http:\/\/ieeexplore.ieee.org\/document\/7020628\/","DOI":"10.1109\/ICT4M.2014.7020628"},{"key":"2052_CR8","doi-asserted-by":"crossref","unstructured":"Johns M, Engelmann B, Posegga J (2008) XSSDS: Server-side detection of Cross-site Scripting attacks. In: Proceedings - Annual Computer Security Applications Conference, ACSAC. IEEE, p 335\u201344. Available from http:\/\/ieeexplore.ieee.org\/document\/4721570\/","DOI":"10.1109\/ACSAC.2008.36"},{"key":"2052_CR9","doi-asserted-by":"crossref","unstructured":"Wurzinger P, Platzer C, Ludl C, Kirda E, Kruegel C (2009) SWAP: Mitigating XSS attacks using a reverse proxy. In: Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, SESS 2009. University of Applied Science Wien, p 33\u20139","DOI":"10.1109\/IWSESS.2009.5068456"},{"key":"2052_CR10","unstructured":"Sawant H, Agaga S (2018) Web browser attack using BeEF framework [Internet]. p 1\u20137. Available from https:\/\/www.researchgate.net\/publication\/322398374_Web_Browser_Attack_Using_BeEF_Framework. Accessed 10 Mar 2020"},{"issue":"2","key":"2052_CR11","doi-asserted-by":"publisher","first-page":"319","DOI":"10.3390\/jcp1020018","volume":"1","author":"JR Dora","year":"2021","unstructured":"Dora JR, Nemoga K (2021) Ontology for Cross-Site-Scripting (XSS) attack in cybersecurity. J Cybersecur Priv 1(2):319\u2013339","journal-title":"J Cybersecur Priv"},{"issue":"2","key":"2052_CR12","doi-asserted-by":"publisher","first-page":"149","DOI":"10.24002\/ijis.v3i2.4192","volume":"3","author":"RM Wibowo","year":"2021","unstructured":"Wibowo RM, Sulaksono A (2021) Web vulnerability through Cross Site Scripting (XSS) detection with OWASP security shepherd. Indonesian J Inform Syst 3(2):149","journal-title":"Indonesian J Inform Syst"},{"key":"2052_CR13","doi-asserted-by":"crossref","unstructured":"Rodr\u00edguez GE, Torres JG, Flores P, Benavides DE (2020) Cross-site scripting (XSS) attacks and mitigation: A survey. Comput Netw 166:106960. Available from\u00a0https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1389128619311247. Accessed 23 Jun 2020","DOI":"10.1016\/j.comnet.2019.106960"},{"key":"2052_CR14","volume-title":"Cross site scripting attacks Xss exploits and defense.\u00a0XSS Attacks","author":"S Fogie","year":"2007","unstructured":"Fogie S, Grossman J, Hansen R, Rager A (2007) Cross site scripting attacks Xss exploits and defense.\u00a0XSS Attacks. Syngress Publishing, Inc., Burlington"},{"key":"2052_CR15","doi-asserted-by":"crossref","unstructured":"Mahmoud SK, Alfonse M, Roushdy MI, Salem ABM (2017) A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques. In: 2017 IEEE 8th International Conference on Intelligent Computing and Information Systems, ICICIS 2017, p 36\u201342","DOI":"10.1109\/INTELCIS.2017.8260024"},{"key":"2052_CR16","unstructured":"Nidecki TA (2019) What is persistent XSS? [Internet]. Available from https:\/\/www.acunetix.com\/blog\/articles\/persistent-xss\/. Accessed 11\u00a0Aug 2021"},{"key":"2052_CR17","doi-asserted-by":"crossref","unstructured":"Gupta BB, Chaudhary P (2020) Cross-site scripting attacks [Internet]. Cross-site scripting attacks. CRC Press,\u00a0Boca Raton. Available from\u00a0https:\/\/www.taylorfrancis.com\/books\/9781000049800.\u00a0Accessed 18 May 2021","DOI":"10.1201\/9780429351327"},{"key":"2052_CR18","unstructured":"Aucentix (2014) Non-persistent XSS [Internet]. Available from https:\/\/www.acunetix.com\/blog\/articles\/non-persistent-xss\/. Accessed 25\u00a0Jan 2021"},{"key":"2052_CR19","unstructured":"The OWASP\u00ae Foundation (2010)\u00a0DOM based XSS [Internet], p 1\u20134. Available from https:\/\/owasp.org\/www-community\/attacks\/DOM_Based_XSS. Accessed 22\u00a0Oct 2021"},{"key":"2052_CR20","unstructured":"H\u00e9garet L, Whitmer R, Wood L (2009) W3C document object model: What is the document object model? [Internet]. Available from http:\/\/www.w3.org\/TR\/WD-DOM\/introduction.html. Accessed 11 Nov 2021"},{"key":"2052_CR21","doi-asserted-by":"crossref","unstructured":"Gupta S, Gupta BB, Chaudhary P (2018) Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network. Future Gener Comput Syst 79:319\u201336. Available from\u00a0https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167739X17311068.\u00a0Accessed 19 May 2021","DOI":"10.1016\/j.future.2017.05.038"},{"key":"2052_CR22","unstructured":"Stephens JC (2017) Application security statistics report. The case for DevSecOps. [Internet]. Vol.12, WhiteHat Security. Available from\u00a0https:\/\/info.whitehatsec.com\/rs\/675-YBI-674\/images\/WHS2017ApplicationSecurityReportFINAL.pdf. Accessed 26 May 2021"},{"key":"2052_CR23","unstructured":"Positive Technologies (2017) Web application 2017 in review [Internet]. p 9. Available from https:\/\/www.ptsecurity.com\/ww-en\/analytics\/web-application-attack-statistics-2017\/. Accessed 23 Jun 2019"},{"key":"2052_CR24","unstructured":"Positive Technology (2019) Attacks on web applications: 2018 in review [Internet]. Available from\u00a0https:\/\/www.ptsecurity.com\/ww-en\/analytics\/web-application-attacks-2019\/.\u00a0Accessed 26 May 2021"},{"key":"2052_CR25","unstructured":"Edgescan (2021) Vulnerability statistics report 2021 [Internet]. Available from\u00a0https:\/\/www.edgescan.com\/infosecurity-europe-2019-survey-results.\u00a0Accessed 18 Aug 2021"},{"key":"2052_CR26","unstructured":"GitHub (2020) Introducing BeEF - Browser Exploitation Framework [Internet]. beefproject. Available from https:\/\/github.com\/beefproject\/beef\/wiki\/Introducing-BeEF. Accessed 18 Jan\u00a02022"},{"key":"2052_CR27","unstructured":"GitHub (2022)\u00a0Metasploit framework [Internet]. rapid7. Available from https:\/\/github.com\/rapid7\/metasploit-framework\/wiki. Accessed 22 Oct\u00a02021"}],"container-title":["Mobile Networks and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11036-022-02052-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11036-022-02052-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11036-022-02052-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,19]],"date-time":"2024-08-19T17:06:41Z","timestamp":1724087201000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11036-022-02052-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,24]]},"references-count":27,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2023,8]]}},"alternative-id":["2052"],"URL":"https:\/\/doi.org\/10.1007\/s11036-022-02052-z","relation":{},"ISSN":["1383-469X","1572-8153"],"issn-type":[{"type":"print","value":"1383-469X"},{"type":"electronic","value":"1572-8153"}],"subject":[],"published":{"date-parts":[[2022,10,24]]},"assertion":[{"value":"23 May 2022","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 October 2022","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"\u00a0Not applicable.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflicts of interest\/Competing interests"}}]}}