| Abstract [eng] |
With the increase of popularity in using online systems, more and more sensitive and personal data is stored on the Internet, and a variety of financial transactions are performed there. This phenomenon has become one of the essential reasons that have increased the number of crimes on the Internet. Often transferring information and performing some malicious operations include inserting program code to the website that the user is viewing (XSS attack). During these attacks, cyber criminals attempt to insert malicious code to the website, which the browser will perform when the user opens that website. Code insertion attacks are difficult to stop because the programs that work on the Internet are becoming more dynamic and allow the user to perform actions more freely. Usually, XSS attacks use codes created with JavaScript. However, cyber criminals can also use HTML, Flash or any other type of codes which user’s browser can perform. This type of attacks is directed to the users and not servers. The attackers usually choose websites with reliable content which are trusted by users and this way these websites become more vulnerable. |
