IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v17y2025i7p284-d1687896.html
   My bibliography  Save this article

Strategies and Challenges in Detecting XSS Vulnerabilities Using an Innovative Cookie Collector

Author

Listed:
  • Germán Rodríguez-Galán

    (Departamento de Ciencias de la Computación, Universidad de las Fuerzas Armadas-ESPE, Sangolquí 171103, Ecuador)

  • Eduardo Benavides-Astudillo

    (Departamento de Ciencias de la Computación, Universidad de las Fuerzas Armadas-ESPE, Santo Domingo de los Tsáchilas, Parroquia Luz de América 230118, Ecuador)

  • Daniel Nuñez-Agurto

    (Departamento de Ciencias de la Computación, Universidad de las Fuerzas Armadas-ESPE, Santo Domingo de los Tsáchilas, Parroquia Luz de América 230118, Ecuador)

  • Pablo Puente-Ponce

    (Departamento de Ciencias de la Computación, Universidad de las Fuerzas Armadas-ESPE, Santo Domingo de los Tsáchilas, Parroquia Luz de América 230118, Ecuador)

  • Sonia Cárdenas-Delgado

    (Departamento de Ciencias de la Computación, Universidad de las Fuerzas Armadas-ESPE, Sangolquí 171103, Ecuador)

  • Mauricio Loachamín-Valencia

    (Departamento de Ciencias de la Computación, Universidad de las Fuerzas Armadas-ESPE, Sangolquí 171103, Ecuador
    Departamento de Informática y Ciencias de la Computación, Escuela Politécnica Nacional, Quito 170525, Ecuador)

Abstract

This study presents a system for automatic cookie collection using bots that simulate user browsing behavior. Five bots were deployed, one for each of the most commonly used university browsers, enabling comprehensive data collection across multiple platforms. The infrastructure included an Ubuntu server with PiHole and Tshark services, facilitating cookie classification and association with third-party advertising and tracking networks. The BotSoul algorithm automated navigation, analyzing 440,000 URLs over 10.9 days with uninterrupted bot operation. The collected data established relationships between visited domains, generated cookies, and captured traffic, providing a solid foundation for security and privacy analysis. Machine learning models were developed to classify suspicious web domains and predict their vulnerability to XSS attacks. Additionally, clustering algorithms enabled user segmentation based on cookie data, identification of behavioral patterns, enhanced personalized web recommendations, and browsing experience optimization. The results highlight the system’s effectiveness in detecting security threats and improving navigation through adaptive recommendations. This research marks a significant advancement in web security and privacy, laying the groundwork for future improvements in protecting user information.

Suggested Citation

  • Germán Rodríguez-Galán & Eduardo Benavides-Astudillo & Daniel Nuñez-Agurto & Pablo Puente-Ponce & Sonia Cárdenas-Delgado & Mauricio Loachamín-Valencia, 2025. "Strategies and Challenges in Detecting XSS Vulnerabilities Using an Innovative Cookie Collector," Future Internet, MDPI, vol. 17(7), pages 1-30, June.
    • Handle: RePEc:gam:jftint:v:17:y:2025:i:7:p:284-:d:1687896
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/17/7/284/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/17/7/284/
    Download Restriction: no
    ---><---

    More about this item

    Keywords

    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:17:y:2025:i:7:p:284-:d:1687896. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.