Please use this identifier to cite or link to this item:

http://hdl.handle.net/20.500.12358/20201
Title: Detection and Prevention of XSS Vulnerabilities in MOODLE
Abstract

MOODLE (Modular Object-Oriented Dynamic Learning Environment) is one of the most popular e-learning environments in the world. Like any web application, MOODLE is vulnerable to attacks, so meeting the confidentiality, integrity and availability requirements of e-learning is an extremely complex problem. One of the serious attacks on MOODLE is Cross-Site Scripting (XSS). XSS is a web application vulnerability that occurs whenever a web application takes data from a user and sends it to the browser without proper encoding or validation. XSS allows an attacker to execute scripts that can hijack a victim's session and deface web sites. MOODLE resources (file, page and student's assignment) are still vulnerable to XSS attacks. For this reason, MOODLE needs to be secured against XSS attacks to keep both teachers' and students' information secure. Much research has addressed XSS attacks in CMS, but most of it has paid little attention to XSS attacks on MOODLE. We therefore discussed the PHP functions that are used to prevent XSS attacks. Additionally, we conducted a comparative study of four published filters to determine their weaknesses, and then developed the RT_XSS_Cln filter to prevent XSS attacks. The RT_XSS_Cln filter is written in PHP. It provides high protection against XSS attacks compared with the other filters. The RT_XSS_Cln filter was evaluated by offline and online testing: offline testing used nearly 80 files containing nearly 1000 malicious scripts, while online testing was done by plugging RT_XSS_Cln into Moodle on both the teacher's side and the students' side to protect both of them. The RT_XSS_Cln filter overcomes the other filters' weaknesses: it is more accurate than the other filters because it was able to prevent all tested XSS scripts (1000 scripts), and it is also faster than the other filters, with a lower mean processing time than the others, nearly 0.002s.

Authors: Al-azaiza, Rola
Supervisors: Barhoom, Tawfiq
Type: Master's thesis
Date: 2016
Language: English
Publisher: Islamic University of Gaza
Collections: PhD and MSc Theses - Faculty of Information Technology
Files in this item: file_1.pdf (3.793 Mb)

The institutional repository of the Islamic University of Gaza was established as part of the ROMOR project that has been co-funded with support from the European Commission under the ERASMUS + European programme. This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein.
