| Title | The Detecting Cross-Site Scripting (XSS) Using Machine Learning Methods |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Kascheev, S., Olenchikova, T. |
| Conference Name | 2020 Global Smart Industry Conference (GloSIC) |
| Keywords | Classification algorithms, Cross Site Scripting, cross-site scripting, Human Behavior, machine learning, Malware, Measurement, pubcrawl, resilience, Resiliency, Scalability, Task Analysis, Training, XSS attack |
| Abstract | This article discusses the problem of detecting cross-site scripting (XSS) using machine learning methods. XSS is an attack in which malicious code is embedded on a page to interact with an attacker's web server. The XSS attack ranks third in the ranking of key web application risks according to Open Source Foundation for Application Security (OWASP). This attack has not been studied for a long time. It was considered harmless. However, this is fallacious: the page or HTTP Cookie may contain very vulnerable data, such as payment document numbers or the administrator session token. Machine learning is a tool that can be used to detect XSS attacks. This article describes an experiment. As a result the model for detecting XSS attacks was created. Following machine learning algorithms are considered: the support vector method, the decision tree, the Naive Bayes classifier, and Logistic Regression. The accuracy of the presented methods is made a comparison. |
| DOI | 10.1109/GloSIC50886.2020.9267866 |
| Citation Key | kascheev_detecting_2020 |
The Detecting Cross-Site Scripting (XSS) Using Machine Learning Methods