{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T00:39:00Z","timestamp":1725842340232},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662490167"},{"type":"electronic","value":"9783662490174"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-662-49017-4_3","type":"book-chapter","created":{"date-parts":[[2015,12,11]],"date-time":"2015-12-11T00:44:31Z","timestamp":1449794671000},"page":"32-44","source":"Crossref","is-referenced-by-count":0,"title":["Bidirectional Analysis Method of Static XSS Defect Detection Technique Based On Database Query Language"],"prefix":"10.1007","author":[{"given":"Baojiang","family":"Cui","sequence":"first","affiliation":[]},{"given":"Tingting","family":"Hou","sequence":"additional","affiliation":[]},{"given":"Baolian","family":"Long","sequence":"additional","affiliation":[]},{"given":"Lingling","family":"Xu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,12,12]]},"reference":[{"key":"3_CR1","unstructured":"Yawen, W.: Defect model based software testing technology. Beijing Univ. Posts Telecommun. (2009)"},{"key":"3_CR2","unstructured":"Di Lucca, G.A., Fasolino, A.R., Mastoianni, M., Tramontana, P.: Identifying cross site scripting vulnerabilities in Web applications. In: 26th Annual International Telecommunications Energy Conference, INTELEC 2004, pp. 71\u201380, 11 September 2004"},{"key":"3_CR3","unstructured":"Open Web Application Security Project. Types of Cross-Site. October 2013 Scripting (2013). \n https:\/\/www.owasp.org\/index.php\/Types_of_Cross-Site_Scripting"},{"key":"3_CR4","volume-title":"Web Front-endReveal Hacking Techniques","author":"XS Zhong Chenming","year":"2013","unstructured":"Zhong Chenming, X.S.: Web Front-endReveal Hacking Techniques. Electronic Industry Press, Beijing (2013)"},{"key":"3_CR5","unstructured":"Martin, M., Lam, M.S.: Automatic generation of XSS and SQL injection attacks with goal-directed model checking. In: Proceedings of the 17th Conference on Security Symposium, (pp. 31\u201343). USENIX Association (2008)"},{"key":"3_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1007\/978-3-540-70542-0_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"P Bisht","year":"2008","unstructured":"Bisht, P., Venkatakrishnan, V.N.: XSS-GUARD: precise dynamic prevention of cross-site scripting attacks. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 23\u201343. Springer, Heidelberg (2008)"},{"key":"3_CR7","unstructured":"Fonseca, J., Vieira, M., Madeira, H.: Testing and comparing Web vulnerability scanning tools for SQL injection and XSS attacks. In: 13th Pacific Rim International Symposium on Dependable Computing, 2007, PRDC 2007, pp. 365\u2013372. IEEE (2007)"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Wurzinger, P., Platzer, C., Ludl, C., Kirda, E., Kruegel, C.: SWAP: Mitigating XSS attacks using a reverse proxy. In: Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems, pp. 33\u201339. IEEE Computer Society (2009)","DOI":"10.1109\/IWSESS.2009.5068456"},{"key":"3_CR9","unstructured":"Klein, A.: DOM based cross site scripting or XSS of the third kind. Web Application Security Consortium, Articles, 4 (2005)"},{"key":"3_CR10","unstructured":"Fonseca, J., Vieira, M., Madeira, H.: Testing and comparing Web vulnerability scanning tools for SQL injection and XSS attacks. In: 13th Pacific Rim International Symposium on Dependable Computing, 2007, PRDC 2007, pp. 365\u2013372. IEEE (2007)"},{"key":"3_CR11","unstructured":"Paros, Y.: Paros Proxy [DB\/OL] (2006). \n http:\/\/sourceforge.net\/projects\/paros\/"},{"key":"3_CR12","unstructured":"Mozilla. XSS-Me [DB\/OL] (2012). \n http:\/\/labs.securitycompass.com\/exploit-me\/xss-me\/"},{"key":"3_CR13","unstructured":"Vogt, P., Nentwich, F., Jovanovic, N., Kirda, E., Kruegel, C., Vigna, G.: Cross Site scripting prevention with dynamic data tainting and static analysis. In: NDSS (2007)"},{"key":"3_CR14","unstructured":"Wassermann, G., Su, Z.: Static detection of cross-site scripting vulnerabilities. In: ACM\/IEEE 30th International Conference on Software Engineering, 2008, ICSE 2008, pp. 171\u2013180. IEEE (2008)"},{"key":"3_CR15","unstructured":"Benjamin Livshits, V., Lam, M.S.: Finding security vulnerabilities in java applications with static analysis. In: USENLX Technology Symposiu (2005)"},{"key":"3_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/11823230_22","volume-title":"Static Analysis","author":"C Kirkegaard","year":"2006","unstructured":"Kirkegaard, C., M\u00f8ller, A.: Static analysis for java servlets and JSP. In: Yi, K. (ed.) SAS 2006. LNCS, vol. 4134, pp. 336\u2013352. Springer, Heidelberg (2006)"},{"key":"3_CR17","volume-title":"Secure Programming with Static Analysis","author":"B Chess","year":"2007","unstructured":"Chess, B., West, J.: Secure Programming with Static Analysis. Pearson Education, USA (2007)"},{"key":"3_CR18","unstructured":"Haviv, Y.A., Tripp, O., Weisman, O.U.S.: Patent No. 8,726,245. Washington, DC: U.S. Patent and Trademark Office (2014)"},{"key":"3_CR19","doi-asserted-by":"crossref","unstructured":"Whaley, J., Dzintars, A., et al.: Using datalog with binary decision diagrams for program analysis. In: Third Asian Symposium (2005)","DOI":"10.1007\/11575467_8"},{"key":"3_CR20","doi-asserted-by":"crossref","unstructured":"Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation (PLDI) (2004)","DOI":"10.1145\/996841.996859"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Whaley, J., Lam, M.S.: Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In: ACM SIGPLAN Notices, vol. 39, no. 6, pp. 131\u2013144. ACM (2004)","DOI":"10.1145\/996893.996859"},{"key":"3_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1007\/978-3-642-37057-1_15","volume-title":"Fundamental Approaches to Software Engineering","author":"O Tripp","year":"2013","unstructured":"Tripp, O., Pistoia, M., Cousot, P., Cousot, R., Guarnieri, S.: Andromeda: accurate and scalable security analysis of web applications. In: Cortellessa, V., Varr\u00f3, D. (eds.) FASE 2013 (ETAPS 2013). LNCS, vol. 7793, pp. 210\u2013225. Springer, Heidelberg (2013)"},{"key":"3_CR23","volume-title":"Applied Cryptography: Protocols, Algorithms, and Source Code","author":"B Schneier","year":"2007","unstructured":"Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code. Wiley, New York (2007)"}],"container-title":["Lecture Notes in Computer Science","Transactions on Computational Collective Intelligence XIX"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-49017-4_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,31]],"date-time":"2019-05-31T18:05:50Z","timestamp":1559325950000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-49017-4_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783662490167","9783662490174"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-49017-4_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]}}}