Loading…

Research on Vulnerability Detection Technology for WEB Mail System

Recently, the Email system is seriously threatened by the vulnerability attack, and XSS vulnerability is one of the most serious vulnerability of WEB mail system. In this paper, we proposed a crossing site script injection vulnerability detection method for WEB mail system, and developed a detection...

Full description

Saved in:
Bibliographic Details
Published in:Procedia computer science 2018, Vol.131, p.124-130
Main Authors: Wang, Xin, Wu, Runpu, Ma, Jinxin, Long, Gang, Han, Jedeng
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Recently, the Email system is seriously threatened by the vulnerability attack, and XSS vulnerability is one of the most serious vulnerability of WEB mail system. In this paper, we proposed a crossing site script injection vulnerability detection method for WEB mail system, and developed a detection tool for a systematic. With the method we proposed, we can automatically construct attack vectors according to different attack surfaces, and generate malformed mails for vulnerability detection. By applying the tool to some popular Webmail systems, seven exploitable XSS vulnerabilities are found. The evaluation result shows that our tool can efficiently detect XSS vulnerabilities.
ISSN:1877-0509
1877-0509
DOI:10.1016/j.procs.2018.04.194