A Study On Preventing XSS Attacks In Cloud Computing Based On Fuzzy Clustering

Due to the increasing amount of Webpages on Internet, client-side scripts areusually adopted in the website to enhance user experience. The client-side scripts areusually embedded with the HTML document to both send the responses and requests tosever. Interactions between user and sever can thus be improved by script language, butthe security problem is thus generated. Cross-site script (XSS) is the most commonattack to inject the malicious scripts into user’s browser or applications, thus bringingthe serious threats to Webpages. Malicious scripts are then triggered while user isbrowsing the injected Webpages. Private, sensitive or personal information can thus beexposed through XSS attacks. Traditional way to prevent XSS attacks is to examine thesource codes to find the malicious scripts, modify the applications or modify thebrowser for XSS detection.Cloud computing is used to share computing and network resources, such asprocessing, bandwidth, and storage by enabling ubiquitous, convenient Internetresources. Due to the agility and lower cost, cloud computing has become the mostpopular technique to deploy applications in traditional IT environments for manycompanies. However, the executed environments of applications have been changed, theXSS attacks also exist in the cloud. Traditional detection methods of XSS attacks arenot suitable in cloud environments since:(1) the users are compelled to use the specificbrowser (2) the cloud environments should maintain the security of applications withoutmodifying the source codes. Protecting XSS attacks in traditional way should be,however, modified to adapt in cloud environments. It is thus necessary to design a newdetection mechanism in the cloud.In this dissertation, a preventing framework of XSS attacks based on fuzzyclustering (PXFC) framework in the cloud is proposed. The proposed PXFC frameworkcombines fuzzy clustering with DOM tree comparison methods to detect XSS attacks.The advantage of the proposed mechanism is unnecessary to access user’s browser ormodify applications compared to traditional ways to prevent XSS attacks. Inexperiments, the proposed PXFC framework has99%detection rate to identify malicious URLs with lower response time. For positive and negative samples, PXFCframework has lower false positive and false negative rates. Compared the proposedPXFC framework to traditional detection methods, our mechanism is more suitable toprevent XSS attacks in cloud environments.