Automatic classification of cross-site scripting in web pages using document-based and URL-based features

Nunan, Angelo Eduardo; Souto, Eduardo; Santos, Eulanda M. dos; Feitosa, Eduardo

doi:10.1109/iscc.2012.6249380

Cited by 42 publications

(21 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, it is vulnerable to simple polymorphic worms wherein the payload signature changes actively throughout the propagation of the worm. Nunan et al [12] applied the automatic classification of webpages for XSS attack detection. This type of classification is based on the features of URL and webpage-document.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs

Rathore¹,

Sharma²,

Park³

2017

J Inf Process Syst

View full text Add to dashboard Cite

Social networking services (SNSs) such as Twitter, MySpace, and Facebook have become progressively significant with its billions of users. Still, alongside this increase is an increase in security threats such as crosssite scripting (XSS) threat. Recently, a few approaches have been proposed to detect an XSS attack on SNSs. Due to the certain recent features of SNSs webpages such as JavaScript and AJAX, however, the existing approaches are not efficient in combating XSS attack on SNSs. In this paper, we propose a machine learningbased approach to detecting XSS attack on SNSs. In our approach, the detection of XSS attack is performed based on three features: URLs, webpage, and SNSs. A dataset is prepared by collecting 1,000 SNSs webpages and extracting the features from these webpages. Ten different machine learning classifiers are used on a prepared dataset to classify webpages into two categories: XSS or non-XSS. To validate the efficiency of the proposed approach, we evaluated and compared it with other existing approaches. The evaluation results show that our approach attains better performance in the SNS environment, recording the highest accuracy of 0.972 and lowest false positive rate of 0.87.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Note, however, that it can be used to detect obfuscated malicious JavaScript only; it does not cover all possibilities of XSS attack. Nunan et al [12] used an automatic classification approach for XSS attack detection. This approach can be applied to SNSs to identify an XSS attack.…”

Section: Introductionmentioning

confidence: 99%

XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs

Rathore¹,

Sharma²,

Park³

2017

J Inf Process Syst

View full text Add to dashboard Cite

show abstract

“…A classic problem is detecting cross-site scripting vulnerabilities which is practically its own sub-field of research [52]- [55]. A common model for this research is exploration and analysis of an emerging threat on the web, followed by measurement and crawling to detect its prevalence and character.…”

Section: A Empirical Web Security Studiesmentioning

confidence: 99%

Upgrading HTTPS in mid-air: An Empirical Study of Strict Transport Security and Key Pinning

Kranch

Bonneau

2015

Proceedings 2015 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Abstract-We have conducted the first in-depth empirical study of two important new web security features: strict transport security (HSTS) and public-key pinning. Both have been added to the web platform to harden HTTPS, the prevailing standard for secure web browsing. While HSTS is further along, both features still have very limited deployment at a few large websites and a long tail of small, security-conscious sites. We find evidence that many developers do not completely understand these features, with a substantial portion using them in invalid or illogical ways. The majority of sites we observed trying to set an HSTS header did so with basic errors that significantly undermine the security this feature is meant to provide. We also identify several subtle but important new pitfalls in deploying these features in practice. For example, the majority of pinned domains undermined the security benefits by loading non-pinned resources with the ability to hijack the page. A substantial portion of HSTS domains and nearly all pinned domains leaked cookie values, including login cookies, due to the poorly-understood interaction between HTTP cookies and the same-origin policy. Our findings highlight that the web platform, as well as modern web sites, are large and complicated enough to make even conceptually simple security upgrades challenging to deploy in practice.

show abstract

“…By mitigating XSS attacks, it provides protection against information leakage from web users. Nunan and Souto et al [10] proposed machine learning approach for the automatic classification of Cross Site Scripting attacks. They extracted features from the URLs and web documents and used them for analyzing classification performance.…”

Section: Related Workmentioning

confidence: 99%

“…7. Number of keywords: These are the words which usually appear in the URL as the variable names for assigning user input values or for the spread of phishing attacks[10]. Some of them include login, signup, contact, search, query, redirect etc.…”

mentioning

confidence: 99%

Prediction of Cross-Site Scripting Attack Using Machine Learning Algorithms

Vishnu

Jevitha

2014

Proceedings of the 2014 International Conference on Interdisciplinary Advances in Applied Computing

View full text Add to dashboard Cite

Dynamic web pages are widely used by web applications to provide better user experience and to attract more web users. The web applications use the client side and server side scripts to provide dynamic behavior to the web pages. Cross-Site Scripting (XSS) attack uses malicious scripts and links injected into the trusted web pages to steal sensitive data from the victims. In this paper, we present the experimental results obtained using three machine learning algorithms (Naïve Bayes, Support Vector Machine and J48 Decision Tree) for the prediction of Cross-site scripting attack. This is done using the features based on normal and malicious URLs and JavaScript. J48 gave better results than Naïve Bayes and Support Vector Machine based on the features extracted from URL and Java Script code. All the algorithms gave comparatively better results with discretized attributes but noticeable difference in performance was seen only in the case of SVM.

show abstract

Automatic classification of cross-site scripting in web pages using document-based and URL-based features

Cited by 42 publications

References 7 publications

XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs

XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs

Upgrading HTTPS in mid-air: An Empirical Study of Strict Transport Security and Key Pinning

Prediction of Cross-Site Scripting Attack Using Machine Learning Algorithms

Contact Info

Product

Resources

About