Preventing Cross-Site Scripting Attacks by Combining Classifiers

Fawaz A. Mereani, Jacob M. Howe

2018

Abstract

Cross-Site Scripting (XSS) is one of the most popular attacks targeting web applications. Using XSS attackers can obtain sensitive information or obtain unauthorized privileges. This motivates building a system that can recognise a malicious script when the attacker attempts to store it on a server, preventing the XSS attack. This work uses machine learning to power such a system. The system is based on a combination of classifiers, using cascading to build a two phase classifier and the stacking ensemble technique to improve accuracy. The system is evaluated and shown to achieve high accuracy and high detection rate on a large real world dataset.

Download


Paper Citation


in Harvard Style

Mereani F. and Howe J. (2018). Preventing Cross-Site Scripting Attacks by Combining Classifiers. In Proceedings of the 10th International Joint Conference on Computational Intelligence (IJCCI 2018) - Volume 1: IJCCI; ISBN 978-989-758-327-8, SciTePress, pages 135-143. DOI: 10.5220/0006894901350143


in Bibtex Style

@conference{ijcci18,
author={Fawaz A. Mereani and Jacob M. Howe},
title={Preventing Cross-Site Scripting Attacks by Combining Classifiers},
booktitle={Proceedings of the 10th International Joint Conference on Computational Intelligence (IJCCI 2018) - Volume 1: IJCCI},
year={2018},
pages={135-143},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006894901350143},
isbn={978-989-758-327-8},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Joint Conference on Computational Intelligence (IJCCI 2018) - Volume 1: IJCCI
TI - Preventing Cross-Site Scripting Attacks by Combining Classifiers
SN - 978-989-758-327-8
AU - Mereani F.
AU - Howe J.
PY - 2018
SP - 135
EP - 143
DO - 10.5220/0006894901350143
PB - SciTePress