ABSTRACT
This paper proposes an XSS attack detection method based on hybrid LSTM-Attention model combined with traditional feature engineering. In this method, Long Short-Term Memory (LSTM) model was used to capture sequence features, and Attention mechanism was introduced to automatically learn the weights of key features. By combining LSTM and Attention, the model is better able to handle the sequential nature of XSS attacks and is able to focus attention on the features that are most important for detection. At the same time, combined with the traditional XSS feature selection, special symbols and special words are added to the detection standard.The experimental results show that compared with traditional methods, this method can more accurately detect cross site attacks.The innovation of this paper is to combine the LSTM-Attention model combined with traditional feature engineering to XSS attack detection, thereby improving the accuracy and performance of XSS attack detection.Key words: XSS attack; LSTM-Attention; Feature engineering
- Li, Xiaowei, and Yuan Xue. "A survey on server-side approaches to securing web applications." ACM Computing Surveys (CSUR) 46.4 (2014): 1-29.Google ScholarDigital Library
- Zhao Cheng, Chen Junxin, Yao Minghai. XSS Attack detection Technology Based on SVM Classifier [J]. Computer Science,2018,45(S2):356-360.Google Scholar
- Li Kezi, Xu Yang, Zhang Qingling, Zhang Sicong. XSS Attack Detection Method Based on BiLSTM-Attention-CNN [J]. Journal of guizhou normal university (natural science edition), 2022, 40 (4) : 76-83. The DOI: 10.16614 / j.g znuj. ZRB. 2022.04.013.Google Scholar
- Li Renjie, Hua Chi, Lu Zhiping. Research on cross-site Scripting Attack Detection Based on SVM Classifier Optimized by FP-growth [J]. Information Security Research,2020,6(09):766-774.Google Scholar
- Mikolov T, Sutskever I, Chen K, Distributed representations of words and phrases and their compositionality[J]. Advances in neural information processing systems, 2013, 26.Google Scholar
- Yu Y, Si X, Hu C, A review of recurrent neural networks:LSTM cells and network architectures[J]. Neural computation, 2019,31(7):1235-1270.Google ScholarDigital Library
- Lei,Li, "XSS detection technology based on LSTM-attention." 2020 5th International Conference on Control, Robotics and Cybernetics (CRC). IEEE, 2020.Google Scholar
- Nilavarasan, G. S., and T. Balachander. "XSS Attack Detection using Convolution Neural Network." 2023 International Conference on Artificial Intelligence and Knowledge Discovery in Concurrent Engineering (ICECONF). IEEE, 2023.Google Scholar
- Wang R, Jia X, Li Q, Machine learning based cross-site scripting detection in online social network[C]//2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC, CSS, ICESS). IEEE, 2014: 823-826.Google Scholar
Index Terms
- Research on xss Detection based on ALSTM Model and Traditional Feature Engineering
Recommendations
A Survey on XSS Attack Detection and Prevention in Web Applications
ICMLC '20: Proceedings of the 2020 12th International Conference on Machine Learning and ComputingWith the popularity of web technology, web applications become more increasingly vulnerable and are exposed to malicious attacks. Cross Site Scripting(XSS) is a typical attack in web applications. When a vulnerability is exploited, an attacker may ...
Black-box adversarial attacks on XSS attack detection model
AbstractCross-site scripting (XSS) has been extensively studied, although mitigating such attacks in web applications remains challenging. While there is an increasing number of XSS attack detection approaches designed based on machine ...
A survey of detection methods for XSS attacks
AbstractCross-site scripting attack (abbreviated as XSS) is an unremitting problem for the Web applications since the early 2000s. It is a code injection attack on the client-side where an attacker injects malicious payload into a vulnerable ...
Comments