Detecting Blind Cross-Site Scripting Attacks Using Machine Learning

被引：10

作者：

Kaur, Gurpreet ^{[1
]}

Malik, Yasir ^{[1
]}

Samuel, Hamman ^{[1
]}

Jaafar, Fehmi ^{[1
]}

机构：

[1] Univ Edmonton, Dept Informat Syst Secur & Assurance Management, Edmonton, AB, Canada

来源：

2018 INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND MACHINE LEARNING (SPML 2018) | 2018年

关键词：

Software Security; Web Security; Cross-Site Scripting (XSS); Machine Learning; Vulnerability Detection; XSS;

D O I：

10.1145/3297067.3297096

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Cross-site scripting (XSS) is a scripting attack targeting web applications by injecting malicious scripts into web pages. Blind XSS is a subset of stored XSS, where an attacker blindly deploys malicious payloads in web pages that are stored in a persistent manner on target servers. Most of the XSS detection techniques used to detect the XSS vulnerabilities are inadequate to detect blind XSS attacks. In this research, we present machine learning based approach to detect blind XSS attacks. Testing results help to identify malicious payloads that are likely to get stored in databases through web applications.

引用

页码：22 / 25

页数：4

共 50 条

[1] Detecting Cross-Site Scripting Attacks Using Machine Learning
Mereani, Fawaz A.
Howe, Jacob M.
[J]. INTERNATIONAL CONFERENCE ON ADVANCED MACHINE LEARNING TECHNOLOGIES AND APPLICATIONS (AMLTA2018), 2018, 723 : 200 - 210
[2] The Detecting Cross-Site Scripting (XSS) Using Machine Learning Methods
Kascheev, Stanislav
Olenchikova, Tatyana
[J]. 2020 GLOBAL SMART INDUSTRY CONFERENCE (GLOSIC), 2020, : 265 - 270
[3] Machine Learning-Driven Detection of Cross-Site Scripting Attacks
Alhamyani, Rahmah
Alshammari, Majid
[J]. INFORMATION, 2024, 15 (07)
[4] Detection of cross-site scripting (XSS) attacks using machine learning techniques: a review
Jasleen Kaur
Urvashi Garg
Gourav Bathla
[J]. Artificial Intelligence Review, 2023, 56 : 12725 - 12769
[5] Detection of cross-site scripting (XSS) attacks using machine learning techniques: a review
Kaur, Jasleen
Garg, Urvashi
Bathla, Gourav
[J]. ARTIFICIAL INTELLIGENCE REVIEW, 2023, 56 (11) : 12725 - 12769
[6] Resolving Cross-Site Scripting Attacks through Fusion Verification and Machine Learning
Lu, Jiazhong
Wei, Zhitan
Qin, Zhi
Chang, Yan
Zhang, Shibin
[J]. MATHEMATICS, 2022, 10 (20)
[7] Defending against Cross-Site Scripting Attacks
Shar, Lwin Khin
Tan, Hee Beng Kuan
[J]. COMPUTER, 2012, 45 (03) : 55 - 62
[8] Noncespaces: Using randomization to defeat cross-site scripting attacks
Van Gundy, Matthew
Chen, Hao
[J]. COMPUTERS & SECURITY, 2012, 31 (04) : 612 - 628
[9] Detecting Cross-Site Scripting Vulnerability using Concolic Testing
Ruse, Michelle E.
Basu, Samik
[J]. PROCEEDINGS OF THE 2013 10TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, 2013, : 633 - 638
[10] Detect Cross-Site Scripting Attacks Using Average Word Embedding and Support Vector Machine
Mokbal, Fawaz Mahiuob Mohammed
Wang, Dan
Wang, Xiaoxi
[J]. International Journal of Network Security, 2022, 24 (01) : 20 - 28

← 1 2 3 4 5 →