An implementation of real-time detection of cross-site scripting attacks on cloud-based web applications using deep learning

Ayo, Isaac Odun; Abasi, Williams Toro; Adebiyi, Marion O.; Alagbe, Oladapo

doi:10.11591/eei.v10i5.3168

Cited by 9 publications

(4 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers [170] and [171] use MLP in their methods. Research [170] detects XSS using a robust ANN-based MLP scheme, using a large real-world dataset.…”

Section: •Detection Timementioning

confidence: 99%

See 1 more Smart Citation

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Faisal

Elshoush

2023

IEEE Access

View full text Add to dashboard Cite

In recent years, huge increase in attacks and data breaches is noticed. Most of the attacks are performed and focused on the vulnerabilities related to web applications. Hence, nowadays the mitigation of application vulnerabilities is an ignited research area. Thus, due to the potential high severity impacts of web application, many different approaches have been proposed in the past decades to mitigate the damages of application vulnerabilities. Static and dynamic analysis are the two main techniques used. In this paper, a new classification for web application input validation vulnerabilities is proffered. In addition, various techniques/tools that are used to detect them are analyzed and evaluated to apprehend their strengths and weaknesses. Thus, this paper provides both technical as well as literature countermeasures to input validation vulnerabilities. Moreover, various statistical distributions of the reviewed techniques were manifested and scrutinize in different aspects to reveal the perception of the prevailing techniques and the gaps in the literature. In addition, the most widespread metrics are also propounded.

show abstract

“…Researchers [170] and [171] use MLP in their methods. Research [170] detects XSS using a robust ANN-based MLP scheme, using a large real-world dataset.…”

Section: •Detection Timementioning

confidence: 99%

“…They achieve high accuracy, detection rate and AUC-ROC while maintaining low FP rate. Whereas, research [171] use MLP DL model in five phases namely extraction, feature engineering, datasets generation, then DL modeling, and classification filtering. Their experiment shows high accuracy of 99.47%.…”

Section: •Detection Timementioning

confidence: 99%

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Faisal

Elshoush

2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Ayo et al [67] made a safe framework recommendation that can be utilized to accurately and quickly identify and mitigate cross-site scripting threats in cloud-based web applications. Alabdel and Prarthana presented a technique that uses a friendly jammer and a max min optimization model to optimize the secrecy rate.…”

Section: Figure 2 Overview Of Grey Hole Attack [19]mentioning

confidence: 99%

Malicious attacks modelling: a prevention approach for ad hoc network security

Talib

Alothman

Mohammed

2023

IJEECS

View full text Add to dashboard Cite

As a result of the expansions that have taken place in the field of networking and the increase in the number of users of networks, there have recently been breakthroughs made in the techniques and methods used for network security. In this paper, a virtual private network (VPN) is proposed as a means of providing the necessary level of security for particular connections that span across vast networks. After the network performance metrics such as time delay and throughput have been accomplished, the suggested VPN is recommended for the purpose of assuring network security. In addition, artificial intelligence attack predictors and virtual private networks have been implemented with the purpose of preventing harmful activity within such connections. Using a wide variety of machine learning methods like Random Forests and Nave Bays, malicious assaults of any kind can be identified and thwarted in their tracks. Another technique for anticipating attacks is the use of an artificial neural network, which is a type of system that engages in deep learning and learns the behaviors of attacks while it is being trained so that it can then predict attacks. The results of this study demonstrate that the use of machine learning and artificial intelligence techniques can significantly improve the security and performance of virtual private networks and can effectively identify and prevent malicious attacks on networks.

show abstract

“…Ivanova and Rozeva [15] proposed an ML technique for detecting stored XSS attacks and defending a representational state transfer (REST) web service written in JAVA, which was evaluated in a specifically designed test-bed simulation environment that included the IntelliJ IDEA environment, Postman, and a web browser. A secure framework that may be used to accomplish real-time detection and mitigation of XSS attacks in cloud-based web applications via deep learning (DL) at a high level of accuracy was presented in [16]. A solution integrating three techniques to determine the most difficult attacking challenges is revealed in [17] by implementing Random Forest (RF), k-Nearest Neighbors (k-NN), logistic regression (LR), support vector machine (SVM) algorithms, content security policy (CSP) approach, web application firewall (WAF), intrusion detection and prevention system (IDS and IPS).…”

Section: Relevant Research Workmentioning

confidence: 99%

Important factors to remember when constructing a cross-site scripting prevention mechanism

et al. 2022

View full text Add to dashboard Cite

Web application has become an essential part of daily activities to provide easy accessibility that ensures better performance. It is a platform where sensitive information such as username, password, credit card details, operating system and software version. is stored that attracts intruders to generate most of their attacks. Intruders can steal valuable data by compromising web application security flaws; cross site scripting (XSS) vulnerability is one of these. Several studies have been conducted in order to prevent the XSS vulnerability. In this research, we searched Scopus Indexed articles published in the last 11 years (between 2008 and 2020) using two keywords (“XSS attack prevention” and “XSS prevention”). The purpose of this study was to conduct a literature review on XSS prevention techniques e.g., strengths and weaknesses, including structural issues and real-time deployment location in order to extract valuable information. This review identified 14 articles among the 25 selected articles that provided various suitable prevention techniques for XSS attacks. Seven articles are based on tools that have been implemented and take into account design, coding, testing, and integrating validation processes, six articles are about server site solutions, and one is about automatic mitigation solutions. As a result, this research will be invaluable in guiding the advancement of XSS prevention techniques.

show abstract

An implementation of real-time detection of cross-site scripting attacks on cloud-based web applications using deep learning

Cited by 9 publications

References 27 publications

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Malicious attacks modelling: a prevention approach for ad hoc network security

Important factors to remember when constructing a cross-site scripting prevention mechanism

Contact Info

Product

Resources

About