Authors: Heloise Maurel 1; Santiago Vidal 2 and Tamara Rezk 1

Affiliations: 1 INRIA, INDES Project, Sophia Antipolis, France; 2 ISISTAN-CONICET, Argentina

Keyword(s): Web Security, Deep Learning, Web Attacks, Cross-site Scripting.

Abstract: Cross-site Scripting (XSS) is ranked first in the 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses, which places this vulnerability as the most dangerous among programming errors. In this work, we explore static approaches to detect XSS vulnerabilities using neural networks. We compare two different code representations, based on Natural Language Processing (NLP) and Programming Language Processing (PLP), and experiment with models based on different neural network architectures for static analysis detection in PHP and Node.js. We train and evaluate the models using synthetic databases. Using the generated PHP and Node.js databases, we compare our results with a well-known static analyzer for PHP code, ProgPilot, and a known scanner for Node.js, AppScan static mode. Our analyzers using neural networks outperform the existing tools in all cases.

CC BY-NC-ND 4.0

Paper citation in several formats:
Maurel, H.; Vidal, S. and Rezk, T. (2021). Statically Identifying XSS using Deep Learning. In Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-524-1; ISSN 2184-7711, SciTePress, pages 99-110. DOI: 10.5220/0010537000990110

@conference{secrypt21,
author={Heloise Maurel and Santiago Vidal and Tamara Rezk},
title={Statically Identifying XSS using Deep Learning},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT},
year={2021},
pages={99-110},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010537000990110},
isbn={978-989-758-524-1},
issn={2184-7711},
}

TY - CONF
JO - Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
TI - Statically Identifying XSS using Deep Learning
SN - 978-989-758-524-1
IS - 2184-7711
AU - Maurel, H.
AU - Vidal, S.
AU - Rezk, T.
PY - 2021
SP - 99
EP - 110
DO - 10.5220/0010537000990110
PB - SciTePress