DOM-XSS Detection via Webpage Interaction Fuzzing and URL Component Synthesis

Nuno Sabino

Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · AI & Web Security

This research significantly advances **DOM-based XSS detection** at scale by addressing the fundamental code coverage limitations of prior work. While previous studies relied on **passive navigation** (loading a page and waiting for code to execute), this work introduces two active exploration techniques: **webpage interaction fuzzing** (simulating realistic user interactions to trigger event handlers) and **dynamic symbolic execution (DSE)** for URL component synthesis (generating GET parameters and fragment values that trigger new code paths).
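The coverage gap described above, as an added example that is not code from the paper or the talk: a constructed page script with two source-to-sink flows that a passive load never runs, one reachable only by firing a handler and one only with a synthesized GET parameter. The `win` object, `CANARY` marker, URL and parameter names are all hypothetical, and a brute-force search over the script's string literals stands in for the dynamic symbolic execution solver.

```javascript
// Constructed page script (illustration only): two source-to-sink flows that
// a passive page load never executes.
const CANARY = "TAINT_7f3a"; // harmless marker standing in for taint tracking

function pageScript(win) {
  // Flow A: the fragment reaches the sink only inside a click handler.
  win.on("click", () => win.sink("innerHTML", win.hash()));
  // Flow B: runs at load, but only when a GET parameter has one exact value.
  if (win.param("view") === "preview") win.sink("innerHTML", win.param("title"));
}

// Minimal stand-in for an instrumented browser: records registered handlers,
// sink writes that carry the canary, and the GET parameters the script reads.
function load(url, { fuzz = false } = {}) {
  const u = new URL(url);
  const handlers = [], findings = [], asked = new Set();
  const win = {
    on: (type, fn) => handlers.push(fn),
    hash: () => decodeURIComponent(u.hash.slice(1)),
    param: (name) => { asked.add(name); return u.searchParams.get(name); },
    sink: (name, value) => { if (String(value).includes(CANARY)) findings.push(name); },
  };
  pageScript(win);
  if (fuzz) handlers.forEach((fn) => fn()); // interaction fuzzing: fire every handler
  return { findings, asked: [...asked] };
}

// URL component synthesis, simplified: try each string literal from the script
// as the value of each parameter it reads (assumption: replaces the DSE solver).
function synthesize(base) {
  const literals = new Set([...pageScript.toString().matchAll(/"([^"]+)"/g)].map((m) => m[1]));
  const hits = [];
  for (const name of load(base).asked) for (const value of literals) {
    const u = new URL(base);
    u.searchParams.set(name, value);
    // Parameters read only on the newly reached path get the canary as value.
    for (const p of load(u.href).asked) if (!u.searchParams.has(p)) u.searchParams.set(p, CANARY);
    if (load(u.href).findings.length > 0) hits.push(u.href);
  }
  return hits;
}

const BASE = "https://example.test/page"; // constructed URL
console.log("passive:", load(`${BASE}#${CANARY}`).findings);
console.log("fuzzed: ", load(`${BASE}#${CANARY}`, { fuzz: true }).findings);
console.log("synth:  ", synthesize(BASE));
```
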

AI review

A solid advancement in DOM XSS detection that addresses the passive-navigation limitation of prior work through interaction fuzzing and symbolic execution for URL synthesis. The 21% improvement from fuzzing and unique DSE findings are meaningful. The 100x decline in DOM XSS prevalence compared to prior studies is the most important finding for understanding the current web security landscape.
