Article Preview
Top1. Introduction
Urbanization and migration require global development of economic, social, institutional and physical infrastructure. Consequently, it puts pressure on the city’s organization as request for resources like education, healthcare, transportation, government, and safety exceed their availability. To overcome these issues, cities are focusing on the utilization of technology i.e. becoming ‘smart’. Smart cities (Ferraz & Ferraz, 2014; Seth, 2013) are the cities that harness Information and Communication Technology to automate and enhance services for improving the living standard of their citizens and attain sustainable development. This concept of “smart cities” is the outcome of the new computing paradigm, that is, Internet of Things. Internet has been risen up to the level where everything nearby us is connected and turns out to be part of some form of network. Informally, we can define IoT as a network formed by devices capable of generating, sending and receiving information related to any business, accesses by any person, any time irrespective of the geographical location. Technology should be used to make cities smart in terms of the services provided such as smart traffic control, smart parking, smart health-care, smart transportation, smart city management system like waste management, water management, Smart Street lighting and so on (Hossain & Shamim, 2018; Li, & Daming, 2019). Therefore, in a nutshell, smart city means everything is embedded with sensors to enable them to interact with the environment. Smart cities comprise of some of the main components as illustrated in Figure 1. Indeed, smart city concept has given a new direction for nation’s growth; nevertheless, for the exchange of the data, it utilizes server infrastructure which brings some major challenges also. Cyber security is the biggest challenge because people share large amount of information comprising personal and professional over the Internet (Li, Jianzhong, 2018; Almomani, Ammar, 2013; Parada, Raúl,2018; Drennan, Judy, 2019). There are numerous cyber-attacks that have contaminated web application.
Figure 2 shows detailed architecture of the smart city and also shows what type of attacks are launched at which layer in the architecture of smart city. It may include DDOS, phishing, XSS, SQL injection, spamming etc. Code injection vulnerabilities are the most common and dangerous threat on Internet. It includes Cross-Site Scripting (XSS) (Chaudhary, Gupta, & Gupta, 2019; Gupta & Gupta, 2016a, 2016b, 2018b), SQL injection, etc. XSS attack (Chaudhary, Gupta, & Gupta, 2016;) is a type of code injection attack in which adversary injects malicious script code into the source program of the web application, triggers malicious actions like cookie stealing, session hijacking, dis-information and so on. It covers 3 types: Persistent XSS (Gupta & Gupta, 2018d, 2018e, 2018f), Reflected XSS (Gupta et al. 2017a, 2018c) and Document Object Model (DOM) based XSS attack (Gupta, Gupta, & Chaudhary, 2018a).