Securing heterogeneous embedded devices against XSS attack in intelligent IoT system

Chaudhary, P, Gupta, B B and Singh, A K (2022) Securing heterogeneous embedded devices against XSS attack in intelligent IoT system. Computers & Security, 118. ISSN 01674048

Full text not available from this repository. (Request a copy)


Today, we are living in the realm of Internet of Things (IoT) where simple objects are embedded with the capabilities to understand and operate in its surroundings for offering distinct services to the users. These objects are shipped with their user interfaces that facilitate user to perform administrative activities on the devices using a web browser linked to the device's server. Cross-Site Scripting (XSS) is the most prevalent web application's vulnerability, exploited by an attacker to compromise the embedded devices. This research work is focused towards the development of an approach to defend against XSS attack to safeguard embedded devices deployed in intelligent IoT system. It performs identification through comparing injected strings with the blacklisted attack vectors and mitigates its harmful effects by implementing filtering method in an optimized fashion. It is a fog-enabled approach that operates locally to identify the compromised device within the IoT network. We demonstrate attack exploitation on two smart devices including digital IP Camera and wireless router and then tested the performance of our proposed approach on them. The experimental results highlight the efficacy of the approach as it attains an accuracy of 0.9 and above, on both the tested platforms.

Affiliation: Skyline University College
SUC Author(s): Gupta, B B
All Author(s): Chaudhary, P, Gupta, B B and Singh, A K
Item Type: Article
Uncontrolled Keywords: Intelligent IoT System, Embedded device security, Firmware security, Device management web interface vulnerabilities, Cross-site scripting (XSS) attack, Web application vulnerability
Subjects: B Information Technology > BP Internet of Things
Divisions: Skyline University College > School of IT
Depositing User: Mr Veeramani Rasu
Date Deposited: 25 May 2022 12:41
Last Modified: 25 May 2022 12:41
Publisher URL:
Publisher OA policy:
Related URLs:

Actions (login required)

View Item
View Item
Statistics for SkyRep ePrint 232 Statistics for this ePrint Item