More tools to combat malicious web attacks
Two new tools to analyse web addresses promise to help protect web users against malicious internet attacks and fraud.
The internet now plays an important role in the lives of billions of people on the planet. With all the good that the World Wide Web brings, many opportunists are harnessing its power to exploit vulnerable people and rob them. One particular security vulnerability found in web applications is cross-site scripting (XSS), which web security companies are working hard to overcome.
Against this background, the EU-funded XHUNTER (XHUNTER: Tracking XSS on the net) project investigated new techniques for protecting web applications and limiting malicious attacks. It designed and applied xHunter, a tool that analyses web addresses (URLs) that can be used to hijack web applications.
The tool has been designed to analyse attacks that have already been reported to security companies, in addition to examining websites targeted by web attackers. It also documents the time required to repair web vulnerabilities and follows web reports to obtain a more accurate picture of malicious activity. Importantly, xHunter can be integrated into active networks to detect attempts based on XSS exploitation and stop them from happening.
More specifically, XHUNTER created an online detector that processes incoming URLs in real time, forming an advanced custom firewall that detects and prevents XSS exploitation, which is crucial for protecting today's servers. It also built an offline analyser that collects URLs and identifies common characteristics in a large group of malicious web addresses to gain more insight into how attackers exploit web applications.
Lastly, XHUNTER underlined the pivotal importance of the time between identifying an XSS attack and resolving it. It noted that the average time to resolve the attack is about one month, at a cost of almost EUR 30 000 a day in some cases. Research results emerging from this project and the resulting XHUNTER products will without a doubt support a safer and more secure web environment for all.
published: 2016-01-18