Regresar

DataCookie: Sorting Cookies Using Data Mining for Prevention of Cross-Site Scripting (XSS)

Abstract:

Cross-Site Scripting (XSS) is a vulnerability in web applications; it allows the injection of scripts or malicious code to steal user sessions and cookies or redirect users to malicious sites. According to OWASP, it is included in the category of injections; it is part of the top 10 most frequent vulnerabilities in web applications in 2021. This study presents DataCookie, a model based on the data mining methodology, CRISP-DM, whose objective is to analyze cookies through decision trees. As a result, we developed in Python a script to classify the new cookies according to the rules obtained from the selected decision tree. This classification revealed that 2.19% of the websites visited by users of a public institution on a business day contain XSS vulnerabilities.

Año de publicación:

2022

Keywords:

    Fuente:

    googlegoogle

    Tipo de documento:

    Other

    Estado:

    Acceso abierto

    Áreas de conocimiento:

    • Minería de datos
    • Ciencias de la computación

    Áreas temáticas de Dewey:

    • Programación informática, programas, datos, seguridad
    Procesado con IAProcesado con IA

    Objetivos de Desarrollo Sostenible:

      Procesado con IAProcesado con IA

      Contribuidores:

      Eduardo Benavides-AstudilloEduardo Benavides-Astudillo
      Germán Rodríguez-GalánGermán Rodríguez-Galán