Comp527 Final Project Weekly Report Nov 3: Milestone Report

Comp527 Final Project Weekly Report

Detection & Sanitization of XSS

Jun Zheng (jz33) Chao Zhang (cz15)

Rice University

Overview

Our project is going slowly but steadily. For now, we are focusing on two aspects simultaneously.


Part I

On one side, our group is researching the theory of XSS: its definition, its significance, and, more importantly, how common web frameworks (currently Django and GWT, at least) support sanitization. [1][2] show that the mechanisms differ a lot between frameworks, but they can generally be categorized by 1) which languages/expressions (HTML, CSS, JavaScript) are supported; 2) how untrusted data is separated; 3) the auto-sanitization abilities (context-insensitive sanitization, context-sensitive sanitization, handling of nested contexts, handling of dynamic contexts); and 4) the placement of sanitizers.

Part II

On the other side, our group is trying to design tiny web applications on the selected frameworks in order to observe XSS attacks. The current design is composed of 3 parts: a naive victim app (citizen), a randomized attacker (killer), and a status estimator (judge). This part is going slowly because neither of us has experience with Django or GWT, but the expected result might be interesting: seeing our own app killed by ourselves.
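The following is an added example written for this report (it is not code from our project, nor from Django or GWT). It illustrates two of the points above in one place: category 3 of Part I, the difference between context-insensitive and context-sensitive auto-sanitization, and the role of the "judge" in Part II, here reduced to a round-trip check that asks whether the consumer of each output slot (HTML parser, JavaScript engine, URL decoder) recovers exactly the value the application meant to emit. The `{name:context}` placeholder syntax, the escaper names and the sample value are assumptions made for the demonstration.

```python
"""Context-insensitive vs. context-sensitive output escaping, with a round-trip judge.

Added example for the report; not code from the project, Django or GWT.
The placeholder syntax {name:context}, the escaper names and the sample
value below are assumptions made for this demonstration only.
"""
import html
import json
import re
from urllib.parse import quote, unquote

# Assumed placeholder syntax: {value_name:output_context}
PLACEHOLDER = re.compile(r"\{(\w+):(\w+)\}")


def escape_html(s: str) -> str:
    """Element-content / quoted-attribute context: entity-encode & < > " and '."""
    return html.escape(s, quote=True)


def escape_js_string(s: str) -> str:
    """JavaScript string-literal context (the template supplies the quotes).

    JSON-encode the value (handles backslash, double quote, control chars),
    strip JSON's own surrounding quotes, then hex-escape the characters that
    could end a single-quoted literal or the enclosing <script> element."""
    body = json.dumps(s)[1:-1]
    for ch, esc in (("'", "\\u0027"), ("<", "\\u003c"), (">", "\\u003e"), ("&", "\\u0026")):
        body = body.replace(ch, esc)
    return body


def escape_url_param(s: str) -> str:
    """URL query-parameter context: percent-encode everything but unreserved characters."""
    return quote(s, safe="")


# A context-insensitive sanitizer applies the HTML escaper to every slot.
INSENSITIVE = {"html": escape_html, "js_string": escape_html, "url_param": escape_html}

# A context-sensitive sanitizer picks the escaper from the slot's declared context.
SENSITIVE = {"html": escape_html, "js_string": escape_js_string, "url_param": escape_url_param}

# Decoders model how each consumer interprets the slot; a sanitizer is correct for a
# slot when decoding the escaped output yields exactly the original value.
DECODERS = {
    "html": html.unescape,
    "js_string": lambda t: json.loads('"' + t + '"'),
    "url_param": unquote,
}

# Constructed sample template and value (not taken from any real application).
TEMPLATE = (
    "<p>Hello, {name:html}</p>\n"
    '<a href="/search?q={name:url_param}">search</a>\n'
    "<script>var name = '{name:js_string}';</script>"
)
VALUES = {"name": "O'Brien & \"Sons\" <b>"}


def render(template: str, values: dict, escapers: dict) -> str:
    """Substitute every placeholder with its value escaped for the slot's context."""
    def substitute(m):
        name, ctx = m.group(1), m.group(2)
        return escapers[ctx](values[name])
    return PLACEHOLDER.sub(substitute, template)


def judge(template: str, values: dict, escapers: dict) -> dict:
    """Return {context: bool}: does each slot round-trip to the original value?"""
    verdicts = {}
    for m in PLACEHOLDER.finditer(template):
        name, ctx = m.group(1), m.group(2)
        original = values[name]
        try:
            verdicts[ctx] = DECODERS[ctx](escapers[ctx](original)) == original
        except ValueError:  # json.JSONDecodeError is a ValueError: malformed literal
            verdicts[ctx] = False
    return verdicts


if __name__ == "__main__":
    for label, escapers in (("context-insensitive", INSENSITIVE), ("context-sensitive", SENSITIVE)):
        print(f"--- {label} ---")
        print(render(TEMPLATE, VALUES, escapers))
        print("judge:", judge(TEMPLATE, VALUES, escapers))
```

The judge reports `{'html': True, 'js_string': False, 'url_param': False}` for the context-insensitive sanitizer and all three `True` for the context-sensitive one: HTML entities are meaningless inside a `<script>` string literal or a percent-encoded query string, so the value reaches those consumers altered, which is exactly why a sanitizer has to know the slot's context. Nested and dynamic contexts, the remaining two abilities listed in Part I, would require the renderer to track context transitions inside the template rather than reading a fixed label, which this example does not attempt.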


References

[1] Weinberger, J., et al., "A Systematic Analysis of XSS Sanitization in Web Application Frameworks", Springer-Verlag Berlin Heidelberg, 2011.

[2] Weinberger, J., et al., "An Empirical Analysis of XSS Sanitization in Web Application Frameworks", Technical Report No. UCB/EECS-2011-11.