Cross site scripting (XSS) attack detection using intrustion detection system

Gupta, Kunal; Singh, Rajni; Dixit, Manish

doi:10.1109/iccons.2017.8250709

Cited by 9 publications

(3 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Existing solutions [12,13] for detection of malicious code attacks are broadly based on two approaches: signature-based and heuristic-based. In the signature-based approach, the malicious script's detection is performed by comparing the unique string patters in the binary code.…”

Section: Related Workmentioning

confidence: 99%

MNN-XSS: Modular Neural Network Based Approach for XSS Attack Detection

Alqarni

Alsharif

Khan

et al. 2022

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

The rapid growth and uptake of network-based communication technologies have made cybersecurity a significant challenge as the number of cyber-attacks is also increasing. A number of detection systems are used in an attempt to detect known attacks using signatures in network traffic. In recent years, researchers have used different machine learning methods to detect network attacks without relying on those signatures. The methods generally have a high false-positive rate which is not adequate for an industry-ready intrusion detection product. In this study, we propose and implement a new method that relies on a modular deep neural network for reducing the false positive rate in the XSS attack detection system. Experiments were performed using a dataset consists of 1000 malicious and 10000 benign sample. The model uses 50 features selected by using Pearson correlation method and will be used in the detection and preventions of XSS attacks. The results obtained from the experiments depict improvement in the detection accuracy as high as 99.96% compared to other approaches.

show abstract

Section: Related Workmentioning

confidence: 99%

MNN-XSS: Modular Neural Network Based Approach for XSS Attack Detection

Alqarni

Alsharif

Khan

et al. 2022

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

show abstract

“…• Cross-site Scripting [28]: This is an attack that attempts to inject malicious codes in the client side of a website. It relies on weaknesses in the unencrypted websites and the information entered by users.…”

Section: B Types Of Network Attacksmentioning

confidence: 99%

Performance Analysis of Network Intrusion Detection System using Machine Learning

Alsaeedi¹,

Zubair²

2019

IJACSA

View full text Add to dashboard Cite

With the coming of the Internet and the increasing number of Internet users in recent years, the number of attacks has also increased. Protecting computers and networks is a hard task. An intrusion detection system is used to detect attacks and to protect computers and network systems from these attacks. This paper aimed to compare the performance of Random Forests, Decision Tree, Gaussian Naïve Bayes, and Support Vector Machines in detecting network attacks. An up-to-date dataset was chosen to compare the performance of these classifiers. The results of the conducted experiments demonstrate that both Random Forests and Decision Tree performed effectively in detecting attacks.

show abstract

“…As the Web application has entered the third generation [7], more and more services will be carried out in the form of a Web application soon. XSS is one of the most common approaches of attack in Web applications, and the corresponding defense measures should be further emphasized [8]. Although defense against XSS has become an important part of WAF, a robust Web application should not rely solely on an external firewall to ensure security.…”

Section: Introductionmentioning

confidence: 99%

Cross-Site Scripting Guardian: A Static XSS Detector Based on Data Stream Input-Output Association Mining

Wang

Miao

et al. 2020

Applied Sciences

View full text Add to dashboard Cite

The largest number of cybersecurity attacks is on web applications, in which Cross-Site Scripting (XSS) is the most popular way. The code audit is the main method to avoid the damage of XSS at the source code level. However, there are numerous limits implementing manual audits and rule-based audit tools. In the age of big data, it is a new research field to assist the manual auditing through machine learning. In this paper, we propose a new way to audit the XSS vulnerability in PHP source code snippets based on a PHP code parsing tool and the machine learning algorithm. We analyzed the operation sequence of source code and built a model to acquire the information that is most closely related to the XSS attack in the data stream. The method proposed can significantly improve the recall rate of vulnerability samples. Compared with related audit methods, our method has high reusability and excellent performance. Our classification model achieved an F1 score of 0.92, a recall rate of 0.98 (vulnerable sample), and an area under curve (AUC) of 0.97 on the test dataset.

show abstract

Cross site scripting (XSS) attack detection using intrustion detection system

Cited by 9 publications

References 10 publications

MNN-XSS: Modular Neural Network Based Approach for XSS Attack Detection

MNN-XSS: Modular Neural Network Based Approach for XSS Attack Detection

Performance Analysis of Network Intrusion Detection System using Machine Learning

Cross-Site Scripting Guardian: A Static XSS Detector Based on Data Stream Input-Output Association Mining

Contact Info

Product

Resources

About