[1] |
, DAHSE J . A vulnerability scanner for different kinds of vulnerabilities[DB/OL].[2015-04-09]. .
|
[2] |
AN H Y , SONG Y , YU T , et al. A new architecture of AJAX Web application security crawler with finite-state machine[J]. IEEE Computer Society, 2014(27):112-117.
|
[3] |
OWASP. Cross site scripting prevention cheat sheet[EB/OL].(2013-12-26)[2014-03-26]. .
|
[4] |
OWASP. Top ten project[EB/OL].(2013-12-03)[2013-12-10]. .
|
[5] |
LI Z , XU X , LIAO L J , et al. Using templates combination to generate testing vectors dynamically indetecting Web applications vulnerabilities[J]. Application Research of Computers, 2015,32(10):3004-3009.
|
[6] |
CHEN J F , WANG Y D , ZHANG Y Q , et al. Automatic generation of attack vectors for stored-XSS[J]. Journal of Graduate University of Chinese Academy of Sciences, 2012,29(6):815-820.
|
[7] |
WANG X L , ZHANG Y Q . A behavior-based client defense scheme against XSS[J]. Journal of Graduate University of Chinese Academy of Sciences, 2011,25(5):668-675.
|
[8] |
CHEN J Q , ZHANG Y Q . Design and realization of Web cross-site scripting vulnerability detection tool[J]. Computer Engineering, 2010,36(6):152-158.
|
[9] |
JIANG H , XU Z Y , WANG X . XSS attack defense method based on behavior[J]. Computer Engineering and Designg, 2014,35(6):1911-1925.
|
[10] |
GUO X B , JIN S Y , ZHANG Y X . XSS vulnerability detection using optimized attack vector repertory[J]. IEEE Computer Society, 2015(50):29-36.
|
[11] |
CUI B J , LONG B L , HOU T T . Reverse analysis method of static XSS defect detection technique based on database query language[C]// The Nineth International Conference on P2P,Parallel,Grid,Cloud and Internet Computing(3PGCIC), November 8-10,2014, Guangzhou,Guangdong,China. New Jersey: IEEE Press, 2014:487-491.
|
[12] |
LIU W X , YU S Z . Research for ACK attacks in network coding[J]. Journal of Chinese Computer Systems, 2012,32(7):1354-1359.
|
[13] |
Rsnake. XSS(cross site scripting) cheat sheet[EB/OL].[2013-11-15]. .
|
[14] |
WU H Q . White hatter talks about web security[M]. Beijing: Publishing House of Electronics Industry, 2013:152-178.
|
[15] |
GUPTA M K , GOVIL M C , SINGH G . Predicting cross-site scripting(XSS)security vulnerabilities in Web applications[C]// 2015 12th International Joint Conference on Computer Science and Software Engineering(JCSSE), July 22-24,2015, Songkhla,Thailand. New Jersey: IEEE Press, 2015:162-167.
|
[16] |
LI Y W , LIU Z X , DING S J . Technique for discovering stored XSS vulnerability based on tracing risky data[J]. Computer Science, 2014,41(11A):241-244.
|
[17] |
QIU Y H . The analysis and defense of XSS attack[M]. Beijing: Posts&Telecom Press, 2013.
|
[18] |
LI Z J , ZHANG J X , LIAO X K . Survey of software vulnerability detection techniques[J]. Chinese Journal of Computers, 2015,38(4):717-732.
|
[19] |
HALFOND W G J , ORSO A , MANOLIOS P . WASP:protecting web applications using positive tainting and syntax-aware evaluation[J]. IEEE Transactions on Software Engineering, 2008,34(1):65-81.
|
[20] |
SAYED B , TRAORE I . Protection against Web 2.0 client-side web attacks using information flow control[J]. The 28th International Conference on Advanced Information Networking and Applications Workshops (WAINA), May 13-16,2014, Victoria,BC,USA. New Jersey: IEEE Press, 2014:261-268.
|
[21] |
HELEN K , SARANDIS M , CHRISTOS D . An advanced web attack detection and prevention tool[J]. Information Management& Computer Security, 2011,19(5):280-299.
|