Open AccessDOI
A Detailed Survey on Recent XSS Web-Attacks Machine Learning Detection Techniques
Jasleen Kaur,Urvashi Garg +1 more
Reads0
Chats0
TLDR
In this article, the authors present a survey of the recent approaches being applied by the numerous researchers in their proposed models and introduce a classification chart of several machine learning algorithms that can be applied to the web-attack detection model.Abstract:
XSS attacks have become more prevalent in last few decades and thus more challenging to detect their existence. XSS attacks are broadly classified into two categories: server-based XSS attack and client-based XSS attack. Although a lot of research has already been done in this area, still the methods lack in precision and accuracy as per the literature survey. There are ample of methodologies being applied in the detection of XSS attacks using supervised learning, unsupervised learning, reinforcement learning, deep learning and metaheuristic algorithms. We present a survey of the recent approaches being applied by the numerous researchers in their proposed models. Following indexed journals were used for research papers’ collection in order to carry out a survey: Elsevier, Springer, IEEE explore, Hindawi, google scholar, and Web of Science. Moreover, in this paper, we introduce a classification chart of several machine learning algorithms that can be applied to the web-attack detection model.read more
Citations
More filters
Journal ArticleDOI
Cross-Site Scripting Attacks and Defensive Techniques: A Comprehensive Survey
TL;DR: In this paper , the authors have done a thorough study and reviewed several research papers and publications with a specific focus on the researchers' defensive techniques for preventing XSS attacks and subdivided them into five categories: machine learning techniques, server-side techniques, client side techniques, proxy-based techniques, and combined approaches.
Proceedings ArticleDOI
Cross Site Scripting (XSS) vulnerability detection using Machine Learning and Statistical Analysis
TL;DR: In this paper , the authors proposed a novel approach for detecting XSS attacks using different models such as Long Short Term Memory (LSTM), Convolution Neural Networks (CNN), and boosting algorithms such as AdaBoost and Gradient Boosting algorithms, and classification algorithm such as Logistic Regression (LR), Support Vector Machine (SVM), K-Nearest Neighbour (KNN), Random Forest (RF), Naive Bayes (NB), and Decision Tree (DT) algorithm for the detection of XSS.
Proceedings ArticleDOI
Detection of JavaScript Injection Eavesdropping on WebRTC communications
TL;DR: In this paper , the authors demonstrate through real-world implementation how an eavesdropper can intercept WebRTC video calls by installing a malicious code onto the webRTC webserver.
Journal ArticleDOI
Machine Learning for Detection and Mitigation of Web Vulnerabilities and Web Attacks
TL;DR: In this article , a survey of machine learning approaches for detecting and preventing cross-site scripting (XSS) and request forgery (CSRF) attacks can be found, which can be used to improve the performance of detecting web vulnerabilities and preventing the attacks from happening.
Proceedings ArticleDOI
Cross Site Scripting (XSS) vulnerability detection using Machine Learning and Statistical Analysis
TL;DR: In this paper , the authors proposed a novel approach for detecting XSS attacks using different models such as Long Short Term Memory (LSTM), Convolution Neural Networks (CNN), and boosting algorithms such as AdaBoost and Gradient Boosting algorithms, and classification algorithm such as Logistic Regression (LR), Support Vector Machine (SVM), K-Nearest Neighbour (KNN), Random Forest (RF), Naive Bayes (NB), and Decision Tree (DT) algorithm for the detection of XSS.
References
More filters
Proceedings ArticleDOI
DeepXSS: Cross Site Scripting Detection Based on Deep Learning
TL;DR: Experimental results show that the proposed XSS detection model based on deep learning achieves a precision rate of 99.5% and a recall rate of 97.9% in real dataset, which means that the novel approach can effectively identify XSS attacks.
Journal ArticleDOI
Detecting web attacks with end-to-end deep learning
TL;DR: The results show that the proposed approach can efficiently and accurately detect attacks, including SQL injection, cross-site scripting, and deserialization, with minimal domain knowledge and little labeled training data.
Journal ArticleDOI
Resolving cross-site scripting attacks through genetic algorithm and reinforcement learning
Iram Tariq,Muddassar Azam Sindhu,Rabeeh Ayaz Abbasi,Akmal Saeed Khattak,Onaiza Maqbool,Ghazanfar Farooq Siddiqui +5 more
TL;DR: This paper has proposed the use of Genetic Algorithm (GA) along with Reinforcement Learning (RL) and threat intelligence to overcome XSS attacks and shows better performance when compared to the approaches reported in the literature.
Proceedings ArticleDOI
A Machine Learning Approach for Vulnerability Curation
TL;DR: The design and implementation of a machine learning system to help the curation by by automatically predicting the vulnerability-relatedness of each data item is reported, and there is no uniform ordering of word2vec parameters sensitivity across data sources.
Proceedings ArticleDOI
Exploring the Dark Web for Cyber Threat Intelligence using Machine Leaning
TL;DR: This paper proposes an approach to extract forums which include important information or intelligence from huge amounts of forums and identify traits of each forum using methodologies such as machine learning, natural language processing and so on to grasp the emerging threats in cyberspace and take appropriate measures against malicious activities.