Inicio  /  Applied Sciences  /  Vol: 13 Par: 13 (2023)  /  Artículo
ARTÍCULO
TITULO

Detection of Reflected XSS Vulnerabilities Based on Paths-Attention Method

Xiaobo Tan    
Yingjie Xu    
Tong Wu and Bohan Li    

Resumen

Cross-site scripting vulnerability (XSS) is one of the most frequently exploited and harmful vulnerabilities among web vulnerabilities. In recent years, many researchers have used different machine learning methods to detect network attacks, but these methods have not achieved high accuracy and recall rates and cannot effectively combat XSS attacks. Designing a model that can achieve high accuracy and truly proactive defense against reflected XSS vulnerabilities has become a top priority for maintaining user network security at this stage. In this paper, we propose a detection model for reflected XSS vulnerabilities based on the paths-attention method (PATS model). Firstly, the model converts vulnerability data into an intermediate representation of abstract syntax trees, then traverses the abstract syntax tree to generate multiple sets of syntactic paths, and then converts them into vector representations through word embedding matrices. The model extracts semantic features using attention mechanisms to improve training effectiveness by assigning appropriate weights to different sets of syntactic paths as it learns with neural networks, which realizes the transformation from passive defense to active defense. Additionally, in the dataset processing section, we point out the shortcomings of current research datasets and construct a reliable dataset composed of 1000 malicious samples from NIST and 10,000 benign samples from GitHub for experimentation purposes. Experimental results show that compared with other machine learning models, the paths-attention method can achieve an accuracy rate of 90.25% and F1-score of 81.62%, while reducing the training time by half to 30 h.

 Artículos similares

       
 
Aris Ikiades    
Ice accretion on an aircraft affects the aerodynamic performance of the wings by disrupting the airflow, increasing drag, and altering its flight characteristics, leading to a main or tail wing-stall and altimetry to aircraft loss. The current generation... ver más
Revista: Aerospace

 
Haiming Liu, Bo Xu and Bin Liu    
Underwater target search and tracking has become a technical hotspot in underwater sensor networks (UWSNs). Unfortunately, the complex and changeable marine environment creates many obstacles for localization and tracking. This paper proposes an automati... ver más

 
Jinzhong Zhao, Jin Wu and Kaixin Chen    
The ultrasonic transmission detection method is used to investigate the applicability for the second-harmonic generation (SHG) technology of longitudinal wave to quantitatively assess carbonated concrete. The principal of this method is to use the piezoe... ver más
Revista: Applied Sciences

 
Yahya Tashtoush, Israa Haj-Mahmoud, Omar Darwish, Majdi Maabreh, Belal Alsinglawi, Mahmoud Elkhodr and Nasser Alsaedi    
In this study, an effective local minima detection and definition algorithm is introduced for a mobile robot navigating through unknown static environments. Furthermore, five approaches are presented and compared with the popular approach wall-following ... ver más
Revista: Computers

 
Naomasa Oshiro, Takumi Tomikawa, Kyoko Kuniyoshi, Akira Ishikawa, Hajime Toyofuku, Takashi Kojima and Hiroshi Asakura    
Ciguatera fish poisoning (CFP) is one of the most frequently reported seafood poisoning diseases. It is endemic to the tropical region and occurs most commonly in the regions around the Pacific Ocean, Indian Ocean, and Caribbean Sea. The principal toxins... ver más