Skip to main content
SpringerLink
Log in

Cross-site Scripting Threat Intelligence Detection Based on Deep Learning

  • Conference paper
  • First Online:
Frontiers in Cyber Security (FCS 2022)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1726))

Included in the following conference series:

  • 491 Accesses

Abstract

In an increasingly complex cyber environment, where the role of traditional protection tools is increasingly limited, intelligence is the key point in the battle. Through the information monitoring of Internet social platforms, potential cyberattack threats to enterprises, governments, and other institutions could be analyzed. Twitter, the world’s largest social media platform, spreads news and shares tweets about cybersecurity-related events and technologies daily, with cross-site scripting attacks being one of them. In the status quo, this paper proposes a cross-site scripting threat intelligence detection model based on deep learning, which can detect tweets involving threats related to cross-site scripting attacks. We utilized a variety of word vector extraction tools blended with topic word extraction techniques to construct a word vector matrix with multi-dimensional features. Then, the threat event detection model is trained using a bidirectional recurrent convolutional neural network with a self-attentive mechanism. In the experiment, the accuracy rate of our proposed model exceeds 0.96, and through multiple sets of control experimental data results, it is proved that the structure designed in the model is conducive to improving the performance of the model and that the model is effective in detecting tweets that involve cross-site scripting threats.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Marsh, M,. et al.: The Global Risks Report 2021, 21 December 2021. https://www.oliverwyman.com/content/dam/mmc-web/insights/publications/2021/january/global-risks-report/The-Global-Risks-Report-2021-small-FINAL.pdf

  2. Noor, U., Anwar, Z., Amjad, T., Choo, K.K.R.: A machine learning-based FinTech cyber threat attribution framework using high-level indicators of compromise. Future Gener. Comput. Syst. 96, 227–242 (2019)

    Article  Google Scholar 

  3. Yagcioglu, S., et al.: Detecting Cybersecurity Events from Noisy Short Text. arXiv (2019). arXiv:1904.05054

  4. Internet Security Center. 2020 Global Advanced Persistent Threat APT Research Report, February 2021. https://zt.360.cn/1101061855.php?dtid=1101062360 &did=211138962

  5. OWASP, OWASP Top 10–2021. https://owasp.org/Top10/. 2021-12-21

  6. Ruder, S.: An overview of multi-task learning in deep neural networks. arXiv (2017). arXiv:1706.05098

  7. Willett, P.K., Kirubarajan, T.: System diagnosis and prognosis: security and condition monitoring issues III. In: System Diagnosis and Prognosis: Security and Condition Monitoring Issues, vol. III, p. 5107 (2003)

    Google Scholar 

  8. Qiu, X., Lin, X., Qiu, L.: Feature representation models for cyber attack event extraction. In: 2016 IEEE/WIC/ACM International Conference on Web Intelligence Workshops (WIW), pp. 29–32. IEEE (2016)

    Google Scholar 

  9. Khandpur, R.P., Ji, T., Jan, S., et al.: Crowdsourcing cybersecurity: cyber attack detection using social media. In: Proceedings of the 2017 ACM on Conference on Information and Knowledge Management, pp. 1049–1057 (2017)

    Google Scholar 

  10. Le Sceller, Q., Karbab, E.M.B., Debbabi, M., et al.: Sonar: automatic detection of cyber security events over the twitter stream. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, pp. 1–11 (2017)

    Google Scholar 

  11. Bose, A., Behzadan, V., Aguirre, C., et al.: A novel approach for detection and ranking of trendy and emerging cyber threat events in twitter streams. In: 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pp. 871–878. IEEE (2019)

    Google Scholar 

  12. Ji, T., Zhang, X., Self, N., et al.: Feature driven learning framework for cybersecurity event detection. In: Proceedings of the 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, pp. 196–203 (2019)

    Google Scholar 

  13. Trong, H.M.D., Le, D.T., Veyseh, A.P.B., et al.: Introducing a new dataset for event detection in cybersecurity texts. In: Proceedings of the 2020 Conference on Empirical Methods in Natural Language Processing (EMNLP), pp. 5381–5390 2020)

    Google Scholar 

  14. Shin H, Shim W C, Moon J, et al. Cybersecurity Event Detection with New and Re-emerging Words. In: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, pp. 665–678 (2020)

    Google Scholar 

  15. Simran, K., Balakrishna, P., Vinayakumar, R., Soman, K.P.: Deep learning approach for enhanced cyber threat indicators in twitter stream. In: Thampi, S.M., Martinez Perez, G., Ko, R., Rawat, D.B. (eds.) SSCC 2019. CCIS, vol. 1208, pp. 135–145. Springer, Singapore (2020). https://doi.org/10.1007/978-981-15-4825-3_11

    Chapter  Google Scholar 

  16. Cassel, M., Lima, F.: Evaluating one-hot encoding finite state machines for SEU reliability in SRAM-based FPGAs. In: 12th IEEE International On-Line Testing Symposium (IOLTS 2006). IEEE (2006). 6 pp

    Google Scholar 

  17. Mikolov, T., Sutskever, I., Chen, K., Corrado, G., Dean, J.: Distributed representations of words and phrases and their compositionality. Adv. Neural. Inf. Process. Syst. 26, 3111–3119 (2013)

    Google Scholar 

  18. Pennington, J., Socher, R., Manning, C.D.: Glove: global vectors for word representation. In: Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing (EMNLP), pp. 1532–1543 (2014)

    Google Scholar 

  19. Joulin, A., Grave, E., Bojanowski, P., et al.: Bag of tricks for efficient text classification. In: Proceedings of the 15th Conference of the European Chapter of the Association for Computational Linguistics: Volume 2, Short Papers, vol. 2, pp. 427–431

    Google Scholar 

  20. Sun, F., Chen, H.: Feature extension for Chinese short text classification based on LDA and word2vec. In: 2018 13th IEEE Conference on Industrial Electronics and Applications (ICIEA), pp. 1189–1194. IEEE 2018

    Google Scholar 

  21. Sutskever, I., Vinyals, O., Le Quoc, V.: Sequence to sequence learning with neural networks. In: Proceedings of the 28th Annual Conference on Neural Information Processing Systems-NIPS, Montreal, QC, Canada, 8–13 December 2014, pp. 3104–3112 (2014)

    Google Scholar 

  22. Graves, A., Schmidhuber, J.: Framewise phoneme classification with bidirectional LSTM and other neural network architectures. Neural Netw. 18(5–6), 602–610 (2005)

    Article  Google Scholar 

  23. Li, X., Zhang, W., Ding, Q.: Understanding and improving deep learning-based rolling bearing fault diagnosis with attention mechanism. Signal Process. 161, 136–154 (2019)

    Article  Google Scholar 

  24. Zhao, H., Jia, J., Koltun, V.: Exploring self-attention for image recognition. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, pp. 10076–10085 (2020)

    Google Scholar 

  25. Yin, X., Zhao, H., Zhao, J.B.: Military named entity recognition based on multi-neural network cooperation. Tsinghua Univ. J. (Nat. Sci. Ed.) 60(8), 648–655 (2020)

    Google Scholar 

Download references

Acknowledgements

This work was supported in part by National Natural Science Foundation of China (U20B2045).

Author information

Authors and Affiliations

  1. School of Cyber Science and Engineering, Sichuan University, Chengdu, Sichuan, China

    Zhonglin Liu, Yong Fang & Yijia Xu

Authors
  1. Zhonglin Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yong Fang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yijia Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yijia Xu .

Editor information

Editors and Affiliations

  1. Kwame Nkrumah University of Science and Technology, Kumasi, Ghana

    Emmanuel Ahene

  2. University of Electronic Science and Technology of China, Chengdu, China

    Fagen Li

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Liu, Z., Fang, Y., Xu, Y. (2022). Cross-site Scripting Threat Intelligence Detection Based on Deep Learning. In: Ahene, E., Li, F. (eds) Frontiers in Cyber Security. FCS 2022. Communications in Computer and Information Science, vol 1726. Springer, Singapore. https://doi.org/10.1007/978-981-19-8445-7_6

Download citation

  • DOI: https://doi.org/10.1007/978-981-19-8445-7_6

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-8444-0

  • Online ISBN: 978-981-19-8445-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation