Cross-Site Scripting (XSS) Detection Integrating Evidences in Multiple Stages

dc.contributor.author Zhang, Jingchi
dc.contributor.author Jou, Yu-Tsern
dc.contributor.author Li, Xiangyang
dc.date.accessioned 2019-01-03T00:57:31Z
dc.date.available 2019-01-03T00:57:31Z
dc.date.issued 2019-01-08
dc.description.abstract As Cross-Site Scripting (XSS) remains one of the top web security risks, people keep exploring ways to detect such attacks efficiently. So far, existing solutions only focus on the payload in a web request or a response, a single stage of a web transaction. This work proposes a new approach that integrates evidences from both a web request and its response in order to better characterize XSS attacks and separate them from normal web transactions. We first collect complete payloads of XSS and normal web transactions from two databases and extract features from them using the Word2vec technique. Next, we train two Gaussian mixture models (GMM) with these features, one for XSS transaction and one for normal web transactions. These two models can generate two probability scores for a new web transaction, which indicate how similar this web transaction is to XSS and normal traffics respectively. Finally, we put together these two GMM models in classification by combining these two probabilities to further improve detection accuracy.
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2019.860
dc.identifier.isbn 978-0-9981331-2-6
dc.identifier.uri http://hdl.handle.net/10125/60153
dc.language.iso eng
dc.relation.ispartof Proceedings of the 52nd Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject Cyber Threat Intelligence and Analytics
dc.subject Software Technology
dc.subject Attack Detection, Cross-Site Scripting, Gaussian Mixture Model, Web Attack
dc.title Cross-Site Scripting (XSS) Detection Integrating Evidences in Multiple Stages
dc.type Conference Paper
dc.type.dcmi Text
Files
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
0713.pdf
Size:
6.74 MB
Format:
Adobe Portable Document Format
Description: