{"id":"https://openalex.org/W3197726148","doi":"https://doi.org/10.1109/iccta35431.2014.9521633","title":"Prevention Of DOM Based XSS Attacks Using A White List Framework","display_name":"Prevention Of DOM Based XSS Attacks Using A White List Framework","publication_year":2014,"publication_date":"2014-10-25","ids":{"openalex":"https://openalex.org/W3197726148","doi":"https://doi.org/10.1109/iccta35431.2014.9521633","mag":"3197726148"},"language":"en","primary_location":{"id":"doi:10.1109/iccta35431.2014.9521633","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iccta35431.2014.9521633","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 24th International Conference on Computer Theory and Applications (ICCTA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019619049","display_name":"Khaled Ali","orcid":"https://orcid.org/0000-0001-5360-7058"},"institutions":[{"id":"https://openalex.org/I59272784","display_name":"Arab Academy for Science, Technology, and Maritime Transport","ror":"https://ror.org/0004vyj87","country_code":"EG","type":"education","lineage":["https://openalex.org/I59272784"]}],"countries":["EG"],"is_corresponding":true,"raw_author_name":"Khaled Ali","raw_affiliation_strings":["College of Computing and Information Technology, Arab Academy for Science and Technology (AAST), Egypt"],"affiliations":[{"raw_affiliation_string":"College of Computing and Information Technology, Arab Academy for Science and Technology (AAST), Egypt","institution_ids":["https://openalex.org/I59272784"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048160775","display_name":"Ayman Abdel-Hamid","orcid":"https://orcid.org/0000-0001-9953-7147"},"institutions":[{"id":"https://openalex.org/I59272784","display_name":"Arab Academy for Science, Technology, and Maritime Transport","ror":"https://ror.org/0004vyj87","country_code":"EG","type":"education","lineage":["https://openalex.org/I59272784"]}],"countries":["EG"],"is_corresponding":false,"raw_author_name":"Ayman Abdel-Hamid","raw_affiliation_strings":["College of Computing and Information Technology, Arab Academy for Science and Technology (AAST), Egypt"],"affiliations":[{"raw_affiliation_string":"College of Computing and Information Technology, Arab Academy for Science and Technology (AAST), Egypt","institution_ids":["https://openalex.org/I59272784"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037370257","display_name":"Mohamed Kholief","orcid":"https://orcid.org/0000-0002-0043-6205"},"institutions":[{"id":"https://openalex.org/I59272784","display_name":"Arab Academy for Science, Technology, and Maritime Transport","ror":"https://ror.org/0004vyj87","country_code":"EG","type":"education","lineage":["https://openalex.org/I59272784"]}],"countries":["EG"],"is_corresponding":false,"raw_author_name":"Mohamed Kholief","raw_affiliation_strings":["College of Computing and Information Technology, Arab Academy for Science and Technology (AAST), Egypt"],"affiliations":[{"raw_affiliation_string":"College of Computing and Information Technology, Arab Academy for Science and Technology (AAST), Egypt","institution_ids":["https://openalex.org/I59272784"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5019619049"],"corresponding_institution_ids":["https://openalex.org/I59272784"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.62315833,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"68","last_page":"75"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.9965537786483765},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8328482508659363},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.776369035243988},{"id":"https://openalex.org/keywords/client-side","display_name":"Client-side","score":0.7461090087890625},{"id":"https://openalex.org/keywords/document-object-model","display_name":"Document Object Model","score":0.7390736937522888},{"id":"https://openalex.org/keywords/server-side","display_name":"Server-side","score":0.6518038511276245},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5908677577972412},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.580093264579773},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5585668683052063},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5363802313804626},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.46714138984680176},{"id":"https://openalex.org/keywords/web-server","display_name":"Web server","score":0.4295494854450226},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.4126877784729004},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.36276769638061523},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.3273889422416687},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2523772120475769},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.23476147651672363},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.18420416116714478}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.9965537786483765},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8328482508659363},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.776369035243988},{"id":"https://openalex.org/C202477664","wikidata":"https://www.wikidata.org/wiki/Q1352449","display_name":"Client-side","level":2,"score":0.7461090087890625},{"id":"https://openalex.org/C137922610","wikidata":"https://www.wikidata.org/wiki/Q2093","display_name":"Document Object Model","level":3,"score":0.7390736937522888},{"id":"https://openalex.org/C14414571","wikidata":"https://www.wikidata.org/wiki/Q519081","display_name":"Server-side","level":2,"score":0.6518038511276245},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5908677577972412},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.580093264579773},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5585668683052063},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5363802313804626},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.46714138984680176},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.4295494854450226},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.4126877784729004},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.36276769638061523},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.3273889422416687},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2523772120475769},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.23476147651672363},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.18420416116714478}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iccta35431.2014.9521633","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iccta35431.2014.9521633","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 24th International Conference on Computer Theory and Applications (ICCTA)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.8100000023841858,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":2,"referenced_works":["https://openalex.org/W186100614","https://openalex.org/W2108810805"],"related_works":["https://openalex.org/W2571973613","https://openalex.org/W2609132699","https://openalex.org/W2104452318","https://openalex.org/W2024474165","https://openalex.org/W3197726148","https://openalex.org/W2743909715","https://openalex.org/W2148211687","https://openalex.org/W2799662300","https://openalex.org/W2541278968","https://openalex.org/W4313523259"],"abstract_inverted_index":{"Web":[0],"applications":[1],"are":[2],"not":[3],"guaranteed":[4],"to":[5,23],"be":[6,17,78],"safe":[7],"for":[8],"both":[9],"clients":[10,105],"and":[11,130,148],"servers":[12],"since":[13],"many":[14,39],"vulnerabilities":[15,56],"can":[16,77],"exploited":[18],"in":[19,42,57,88,113],"a":[20,25,97,138],"web":[21,107],"application":[22],"reach":[24],"malicious":[26,48],"goal.":[27],"One":[28],"such":[29,111],"vulnerability":[30,67],"is":[31,44,68,120],"Cross":[32],"Site":[33],"Scripting":[34],"or":[35],"XSS":[36,66,75,99,123,128],"that":[37,102,109,125],"has":[38,144],"types":[40],"but":[41],"general":[43],"aimed":[45],"at":[46,50,80,133],"executing":[47],"scripts":[49,112,129],"the":[51,58,89,104,114,146,151],"client\u2019s":[52],"machine":[53],"when":[54],"exploiting":[55],"server":[59,90],"side.":[60,91,135],"Another":[61],"type":[62],"of":[63,150],"client":[64,81,134],"side":[65,82],"called":[69],"DOM":[70,98,116,127],"(Document":[71],"Object":[72],"Model)":[73],"Based":[74],"which":[76,143],"achieved":[79],"only":[83],"without":[84],"putting":[85],"any":[86],"script":[87],"In":[92,136],"this":[93],"paper,":[94],"we":[95],"propose":[96],"prevention":[100],"technique":[101],"protects":[103],"from":[106],"pages":[108],"contain":[110],"HTML":[115],"tree":[117],"source.":[118],"This":[119],"an":[121],"anti-DOM":[122],"framework":[124,153],"stops":[126],"prevents":[131],"it":[132],"addition,":[137],"prototype":[139],"tool":[140],"was":[141],"implemented":[142],"demonstrated":[145],"validity":[147],"viability":[149],"proposed":[152]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}