Advantages | Disadvantages |
The authors of [47] propose identifying XSS attacks by investigating the execution flow of an AJAX application. The browser-side JavaScript code is inspected first in order to generate a finite state machine that models the application's typical mode of operation. The scripts embedded in the response web page are then monitored against this machine in conjunction with a proxy. If the observed execution path does not match the finite state machine, a malicious flow or XSS attack may be taking place. | This method is ineffective against XSS attacks based on the Document Object Model. |
IPAAS is an input validation approach proposed by the authors of [48]. It first intercepts the response page and retrieves all of the parameters, then analyzes the context of those parameters. From this it derives input validation policies, which are subsequently applied to check every later request. If a request does not satisfy the policies, it is denied; otherwise it is allowed. Failures in type learning are possible when bespoke query string formats are used. | The IPAAS parameter extractor may be unable to parse parameter key-value pairs in this approach. |
The authors of [49] propose a strategy based on dynamic analysis of the JavaScript code embedded within a web page. An abstract syntax tree is constructed as the internal representation of the JavaScript code. The tree is then passed to the taint engine, which analyzes the code to determine whether it attempts to access private data. | The approach incurs significant performance overhead and requires a substantial amount of processing time. |
The approach proposed by the researchers in [50] aims to detect suspicious JavaScript code. It uses tainted-browsing technology. A set of metrics is then established to help measure the impact of each attacking flow on the system. | This method cannot detect some suspicious flows, for example flows that depend on certain specified conditions, such as the value of a parameter in a URL. |
The researchers in [51] propose a technique that they describe as robust enough that DOM-based XSS attacks can no longer be carried out. Taint tracking and exploit reporting are the foundations of this strategy. To a large extent, it isolates the JavaScript code that cannot be trusted and then examines it on its own, following its execution flow, to determine whether it is tainted. It generates XSS test payloads based on the log information it receives. | Exploits are reported to the client only after all vulnerabilities have been discovered. It does not guard against non-scripting code and has a negative impact on performance. |
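
The IPAAS row above describes parameter extraction, type learning and policy enforcement, and notes that bespoke query string formats defeat the extractor. The Python sketch below is an added example, not code from [48] or from this page; the type set, function names and sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Simplified type set, most restrictive first (an assumption for this sketch).
TYPES = [
    ("boolean", re.compile(r"(?i)true|false|0|1")),
    ("integer", re.compile(r"-?\d{1,18}")),
    ("word", re.compile(r"[\w.-]{1,64}")),
]

def extract(query):
    """Parameter extractor: understands standard key=value&key=value only."""
    return dict(parse_qsl(query, keep_blank_values=True))

def learn(samples):
    """Pick, per parameter, the tightest type matching every observed value."""
    seen = {}
    for query in samples:
        for name, value in extract(query).items():
            seen.setdefault(name, []).append(value)
    policy = {}
    for name, values in seen.items():
        for type_name, pattern in TYPES:
            if all(pattern.fullmatch(v) for v in values):
                policy[name] = type_name
                break
        # No type matched: the parameter stays untyped and is not validated.
    return policy

def enforce(policy, query):
    """Return (allowed, reason); deny when a typed parameter fails its check."""
    patterns = dict(TYPES)
    for name, value in extract(query).items():
        type_name = policy.get(name)
        if type_name and not patterns[type_name].fullmatch(value):
            return False, f"{name} is not a valid {type_name}"
    return True, "ok"

# Constructed training traffic (benign requests observed during learning).
TRAINING = ["id=42&sort=asc&debug=0", "id=7&sort=desc&debug=1"]
POLICY = learn(TRAINING)

if __name__ == "__main__":
    print(POLICY)
    print(enforce(POLICY, "id=42&sort=asc"))
    print(enforce(POLICY, "id=<script>alert(1)</script>"))
    # Bespoke format: no "id" key is extracted, so nothing is checked.
    print(enforce(POLICY, "id:<script>alert(1)</script>;sort:asc"))
```

The last request is allowed because the extractor never yields an `id` parameter for it, which is the failure mode listed in the Disadvantages column.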