Detecting Blind Cross-Site Scripting Attacks Using Machine Learning
| Title | Detecting Blind Cross-Site Scripting Attacks Using Machine Learning |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Kaur, Gurpreet, Malik, Yasir, Samuel, Hamman, Jaafar, Fehmi |
| Conference Name | Proceedings of the 2018 International Conference on Signal Processing and Machine Learning |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-6605-2 |
| Keywords | composability, Cross Site Scripting, Cross-site scripting (XSS), governence, Human Behavior, information assurance, machine learning, Metrics, policy-based governance, pubcrawl, Resiliency, Scalability, software security, vulnerability detection, web security |
| Abstract | Cross-site scripting (XSS) is a scripting attack targeting web applications by injecting malicious scripts into web pages. Blind XSS is a subset of stored XSS, where an attacker blindly deploys malicious payloads in web pages that are stored in a persistent manner on target servers. Most of the XSS detection techniques used to detect the XSS vulnerabilities are inadequate to detect blind XSS attacks. In this research, we present machine learning based approach to detect blind XSS attacks. Testing results help to identify malicious payloads that are likely to get stored in databases through web applications. |
| URL | http://doi.acm.org/10.1145/3297067.3297096 |
| DOI | 10.1145/3297067.3297096 |
| Citation Key | kaur_detecting_2018 |