Adversarial Examples Detection for XSS Attacks Based on Generative Adversarial Networks

Zhang, Xueqin; Zhou, Yue; Pei, Songwen; Zhuge, Jingjing; Chen, Jiahao

doi:10.1109/access.2020.2965184

Cited by 44 publications

(24 citation statements)

References 14 publications

(18 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Zhang et al [131] used an adapted Monte Carlo tree search algorithm (MCTS) for the generation of XSS attacks. Adversarial attacks are generated following a set of bypassing rules enabling hexadecimal encoding, decimal encoding, url encoding, insertion of invalid chars in the middle of tags and case mixture.…”

Section: Machine Learningmentioning

confidence: 99%

Twenty-two years since revealing cross-site scripting attacks: a systematic mapping and a comprehensive survey

Hannousse¹,

Yahiouche²,

Nait-Hamoud³

2022

Preprint

View full text Add to dashboard Cite

Cross-site scripting (XSS) is one of the major threats menacing the privacy of data and the navigation of trusted web applications. Since its reveal in late 1999 by Microsoft security engineers, several techniques have been developed in the aim to secure web navigation and protect web applications against XSS attacks. The problem became worse with the emergence of advanced web technologies such as Web services and APIs and new programming styles such as AJAX, CSS3 and HTML5. While new technologies enable complex interactions and data exchanges between clients and servers in the network, new programming styles introduce new and complicate injection flaws to web applications. XSS has been and still in the TOP 10 list of web vulnerabilities reported by the Open Web Applications Security Project (OWASP). Consequently, handling XSS attacks became one of the major concerns of several web security communities. In this paper, we contribute by conducting a systematic mapping and a comprehensive survey. We summarize and categorize existent endeavors that aim to protect against XSS attacks and develop XSS-free web applications. The present review covers 147 high quality published studies since 1999 including early publications of 2022. A comprehensive taxonomy is drawn out describing the different techniques used to prevent, detect, protect and defend against XSS attacks. Although the diversity of XSS attack types and the scripting languages that can be used to state them, the systematic mapping revealed a remarkable bias toward basic and JavaScript XSS attacks and a dearth of vulnerability repair mechanisms. The survey highlighted the limitations, discussed the potentials of existing XSS attack defense mechanisms and identified potential gaps.

show abstract

Section: Machine Learningmentioning

confidence: 99%

Twenty-two years since revealing cross-site scripting attacks: a systematic mapping and a comprehensive survey

Hannousse¹,

Yahiouche²,

Nait-Hamoud³

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Unfortunately, they are unable to bypass the detection of NIDS. Zhang et al [28] attempt to generate adversarial examples based on Monte Carlo tree search (MCTS), while their method can only modify original XSS attacks by strictly following XSS bypassing rules. The network packet is a sequence indeed where each byte can be considered as a token.…”

Section: A Literature Reviewmentioning

confidence: 99%

“…GAN estimates generative models from a game-theoretic perspective by utilizing a discriminative network and a generative network. More researchers try to generate adversarial network traffic based on GAN and its variants [18]- [28]. Existing works provide adversarial network traffic crafting at both flow level and packet level.…”

Section: A Literature Reviewmentioning

confidence: 99%

PAC-GAN: Packet Generation of Network Traffic using Generative Adversarial Networks

Cheng

2019

2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)

View full text Add to dashboard Cite

The surge in the internet of things (IoT) devices seriously threatens the current IoT security landscape, which requires a robust network intrusion detection system (NIDS). Despite superior detection accuracy, existing machine learning or deep learning based NIDS are vulnerable to adversarial examples. Recently, generative adversarial networks (GANs) have become a prevailing method in adversarial examples crafting. However, the nature of discrete network traffic at the packet level makes it hard for GAN to craft adversarial traffic as GAN is efficient in generating continuous data like image synthesis. Unlike previous methods that convert discrete network traffic into a grayscale image, this paper gains inspiration from SeqGAN in sequence generation with policy gradient. Based on the structure of SeqGAN, we propose Attack-GAN to generate adversarial network traffic at packet level that complies with domain constraints. Specifically, the adversarial packet generation is formulated into a sequential decision making process. In this case, each byte in a packet is regarded as a token in a sequence. The objective of the generator is to select a token to maximize its expected end reward. To bypass the detection of NIDS, the generated network traffic and benign traffic are classified by a black-box NIDS. The prediction results returned by the NIDS are fed into the discriminator to guide the update of the generator. We generate malicious adversarial traffic based on a real public available dataset with attack functionality unchanged. The experimental results validate that the generated adversarial samples are able to deceive many existing black-box NIDS.

show abstract

“…Machine learning (ML) [9][10][11][12][13] and neural network (NN) [14][15][16][17] techniques have recently been used to detect XSS vulnerability in source code. Genetic algorithms and fuzzy inference are combined with ML and NN to generate a large number of permutations and combinations of payloads using the existing datasets to mitigate the newer adversarial attacks [18][19][20][21]. Existing algorithms are limited by training on a xed number of features and datasets.…”

Section: Introductionmentioning

confidence: 99%

GeneMiner: A Classification Approach for Detection of XSS Attacks on Web Services

Gupta

Singh

Mohapatra

2022

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

According to OWASP 2021, cross-site scripting (XSS) attacks are increasing through specially crafted XML documents. The attacker injects a malicious payload with a new pattern and combination of scripts, functions, and tags that deceits the existing security mechanisms in web services. This paper proposes an approach, GeneMiner, encompassing GeneMiner-E to extract new features and GeneMiner-C for classification of input payloads as malicious and nonmalicious. The proposed approach evolves itself to the changing patterns of attack payloads and identifies adversarial XSS attacks. The experiments have been conducted by collecting data from open source and generating various combinations of scripts, functions, and tags using an incremental genetic algorithm. The experimental results show that the proposed approach effectively detects newly crafted malicious XSS payloads with an accuracy of 98.5%, which is better than the existing classification techniques. The approach learns variations in the existing attack sample space and identifies the new attack payloads with reduced efforts.

show abstract

Adversarial Examples Detection for XSS Attacks Based on Generative Adversarial Networks

Cited by 44 publications

References 14 publications

Twenty-two years since revealing cross-site scripting attacks: a systematic mapping and a comprehensive survey

Twenty-two years since revealing cross-site scripting attacks: a systematic mapping and a comprehensive survey

PAC-GAN: Packet Generation of Network Traffic using Generative Adversarial Networks

GeneMiner: A Classification Approach for Detection of XSS Attacks on Web Services

Contact Info

Product

Resources

About