Objective
"Code-injection attacks through Cross-Site Scripting (XSS) in the web browser
have observed a significant increase over the previous years. According to a
September-2009 report published by the SANS Institute, attacks against web
applications constitute more than 60% of the total attack attempts observed on
the Internet. Web application vulnerabilities such as SQL injection and
Cross-Site Scripting flaws in open-source as well as custom-built applications
account for more than 80% of the vulnerabilities being discovered. In this
project we propose the design and development of a prototype that can inspect
passively the network for extracting URLs that can potentially exploit a web
application, through XSS. The detector assumes that all URLs that contain
parts that can produce a valid JavaScript syntax tree are considered
suspicious. We will develop tools that identify text fragments of URLs,
exchanged in the network, that produce a valid JavaScript syntax-tree of high
depth. These URLs are considered as possible XSS exploitation attempts."
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
- natural sciences computer and information sciences internet
- natural sciences computer and information sciences databases relational databases
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
FP7-PEOPLE-2010-IOF
See other projects for this call
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Coordinator
70 013 IRAKLEIO
Greece
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.