Abstract
Detecting web application attacks is a task performed by many systems. An example of such a system is the open source tool NoScript, which will be discussed at various points in this work. Among these attacks, cross site scripting is a focus of this study, mainly due to the levels of concern related to it. The primary goal of this research is to analyze how efficiently a cross-site scripting attack once detected can be logged. Logging the attack has benefits from a Cyberforensics point of view. This work analyzes related efforts and the benefits of implementing such functionality. It was found that for the test system analyzed, there was an additional overhead. This overhead, though, was seen to be within acceptable limits defined in Usability Engineering literatures.
Keywords
Cyberforensics, Frequency analysis, Open source tools, Semantic analysis, Usability engineering, Web application security
Date of this Version
4-26-2010
Department
Information Security
Department Head
Eugene Spafford
Month of Graduation
May
Year of Graduation
2010
Degree
Master of Science
Head of Graduate Program
Eugene Spafford
Advisor 1 or Chair of Committee
Marcus K. Rogers
Committee Member 1
Pascal Meunier
Committee Member 2
Victor Raskin