Abstract

AbstractCross‐site scripting (XSS) attack has been one of the most dangerous attacks in cyberspace security. Traditional methods essentially discover XSS attack by detecting malicious payloads in requests, which is unable to distinguish attacking attempts with the attacking reality. The authors collect responses from a web server and train a bagging‐based PU learning model to determine whether the XSS vulnerability is truly triggered. To validate the authors’ proposed framework, experiments are performed on 5 popular web applications with 11 specified CVE recorded vulnerabilities and 32 vulnerable inputs. Results show that the authors’ approach outperforms existing research studies, effectively identifies the attacking reality from attacking attempts, and meanwhile reduces the number of worthless security alarms.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
DoubleR: Effective XSS attacking reality detection
Wenbo Wang ... Huikai Xu
Computer Networks | VOL. 251
Wenbo Wang, et. al.Wenbo Wang ... Huikai Xu
08 Jun 2024
A formal qualitative risk management approach for IT security
Bessy Mahopo ... Mathias Mujinga
-
Bessy Mahopo, et. al.Bessy Mahopo ... Mathias Mujinga
01 Aug 2015
Chapter 6 - Web User Hacking
Josh Pauli
The Basics of Web Hacking | VOL. -
Josh PauliJosh Pauli
01 Jan 2013
Detection of Web Cross-Site Scripting (XSS) Attacks
Mohammad Alsaffar ... Tariq S. Almurayziq
Electronics | VOL. 11
Mohammad Alsaffar, et. al.Mohammad Alsaffar ... Tariq S. Almurayziq
15 Jul 2022
View more papers

More From: IET Networks

Paper Title
Journal
Date
Author
Variance‐driven security optimisation in industrial IoT sensors
Hardik Gupta ... Kwok Tai Chui
IET Networks | VOL. -
Hardik Gupta, et. al.Hardik Gupta ... Kwok Tai Chui
16 Nov 2024
Experimental assessment of containers running on top of virtual machines
Hossein Aqasizade ... Mostafa Bastam
IET Networks | VOL. -
Hossein Aqasizade, et. al.Hossein Aqasizade ... Mostafa Bastam
10 Nov 2024
Smart forest monitoring: A novel Internet of Things framework with shortest path routing for sustainable environmental management
Alireza Etaati ... Ehsan Ataie
IET Networks | VOL. -
Alireza Etaati, et. al.Alireza Etaati ... Ehsan Ataie
22 Oct 2024
Analysing the performance of AODV, OLSR, and DSDV routing protocols in VANET based on the ECIE method
Moawiah El‐Dalahmeh ... Usman Adeel
IET Networks | VOL. -
Moawiah El‐Dalahmeh, et. al.Moawiah El‐Dalahmeh ... Usman Adeel
17 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.