MULTIFACTOR AUTHENTICATION PREVENT STORE-XSS SERVER MODEL FOR EFFECTIVE MITIGATION AGAINST CROSS-SITE SCRIPTING

ABSTRACT

Web apps are essential for sectors such as education, banking, and social media; yet, their extensive utilization subject’s users to security vulnerabilities including code injection, Cross-Site Scripting (XSS), data breaches, and malware. Cross-Site Scripting (XSS), a form of injection attack, enables the insertion of malicious payloads into trusted websites, jeopardizing user data or accounts. Notwithstanding the presence of countermeasures such as Prevent Stored Server Scripting (PSS), assailants frequently circumvent these measures. A Multifactor Prevent Stored XSS Server (MAPSS) model was created utilizing Python and Flask to tackle this issue. MAPSS incorporates tokenization with Natural Language Processing (NLP) and facial recognition biometrics to improve XSS detection and prevention. Evaluated using malicious payloads from GitHub’s XSS repository, MAPSS effectively obstructed payload injections, demonstrating its efficacy in safeguarding web applications from XSS attacks. This concept provides a strong solution to a significant cybersecurity issue.

Keywords: Cyber-attacks, Cross-Site Scripting, Prevent Stored XSS Server Model, Multifactor Authentication, Tokenization.