Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach

Muralitharan Krishnan; Yongdo Lim; Seethalakshmi Perumal; Gayathri Palanisamy

doi:10.1016/j.dcan.2022.09.024

›› 2024, Vol. 10 ›› Issue (3) :716 -727. DOI: 10.1016/j.dcan.2022.09.024

Research article

research-article

Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach

Author information +

History +

PDF

Abstract

Existing web-based security applications have failed in many situations due to the great intelligence of attackers. Among web applications, Cross-Site Scripting (XSS) is one of the dangerous assaults experienced while modifying an organization's or user's information. To avoid these security challenges, this article proposes a novel, all-encompassing combination of machine learning (NB, SVM, k-NN) and deep learning (RNN, CNN, LSTM) frameworks for detecting and defending against XSS attacks with high accuracy and efficiency. Based on the representation, a novel idea for merging stacking ensemble with web applications, termed “hybrid stacking”, is proposed. In order to implement the aforementioned methods, four distinct datasets, each of which contains both safe and unsafe content, are considered. The hybrid detection method can adaptively identify the attacks from the URL, and the defense mechanism inherits the advantages of URL encoding with dictionary-based mapping to improve prediction accuracy, accelerate the training process, and effectively remove the unsafe JScript/JavaScript keywords from the URL. The simulation results show that the proposed hybrid model is more efficient than the existing detection methods. It produces more than 99.5% accurate XSS attack classification results (accuracy, precision, recall, f1_score, and Receiver Operating Characteristic (ROC)) and is highly resistant to XSS attacks. In order to ensure the security of the server's information, the proposed hybrid approach is demonstrated in a real-time environment.

Keywords

Machine learning / Deep neural networks / Classification / Stacking ensemble / XSS attack / URL encoding / JScript/JavaScript / Web security

Cite this article

Download citation ▾

Muralitharan Krishnan, Yongdo Lim, Seethalakshmi Perumal, Gayathri Palanisamy. Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach. , 2024, 10(3): 716-727 DOI:10.1016/j.dcan.2022.09.024

登录浏览全文

4963

注册一个新账户忘记密码

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Statista, Online report, source url: https://www.statista.com/markets/424/topic/537/demographics-use, 2020 (Accessed 10 October 2020).

[2]	B.A. Tama, L. Nkenyereye, S.M.R. Islam, K. Kwak, An enhanced anomaly detection in web trafﬁc using a stack of classiﬁer ensemble, IEEE Access 8 (2020) 24120-24134.

[3]	X. Yao, F. Farha, R. Li, I. Psychoula, L. Chen, H. Ning, Security and privacy issues of physical objects in the iot: challenges and opportunities, Digit. Commun. Network 7 (3) (2021) 373-384.

[4]	I.A. Sumra, H.B. Hasbullah, J.-l. B. AbManan, Attacks on security goals (conﬁdentiality, integrity, availability) in vanet: a survey,in: A. Laouiti, A. Qayyum, M. N. Mohamad Saad (Vehicular Ad-hoc Networks for Smart Cities,Eds.), Springer Singapore, Singapore, 2015, pp. 51-61.

[5]	Latifa Ben Arfa Rabai, Mouna Jouini, Anis Ben Aissa, Mili Ali, A cybersecurity model in cloud computing environments, J. King Saud Univ. Comput. Inf. Sci. 25 (1)(2013) 63-75.

[6]	M. Liu, B. Zhang, W. Chen, X. Zhang, A survey of exploitation and detection methods of xss vulnerabilities, IEEE Access 7 (2019) 182004-182016.

[7]	Webarxsecurity,Website Hacking Statistics in 2020, 2020 source url: https://www.webarxsecurity.com/website-hacking-statistics-2018-february/ (Accessed 10 Oct. 2020).

[8]	Q. Li, F. Wang, J. Wang, W. Li, Lstm-based sql injection detection method for intelligent transportation system, IEEE Trans. Veh. Technol. 68 (5) (2019) 4182-4191.

[9]	Q. Yan, F.R. Yu, Q. Gong, J. Li, Software-deﬁned networking (sdn) and distributed denial of service (ddos) attacks in cloud computing environments: a survey, some research issues, and challenges, IEEE Commun. Surv. Tutorials 18 (1) (2016) 602-622.

[10]	S. Salamatian, W. Huleihel, A. Beirami, A. Cohen, M. Medard, Centralized vs decentralized targeted brute-force attacks: guessing with side-information, IEEE Trans. Inf. Forensics Secur. 15 (2020) 3749-3759.

[11]	M. Zhang, L. Wang, S. Jajodia, A. Singhal, Network attack surface: lifting the concept of attack surface to the network level for evaluating networks’ resilience against zero-day attacks, IEEE Trans. Dependable Secure Comput. 18 (1) (2021) 310-324.

[12]	Online, Owasp top ten, source url: https://owasp.org/www-project-top-ten/, url ¼ https://owasp.org/www-project-top-ten/, year ¼ 2020 (Accessed 10 Oct. 2020).

[13]	S. Gupta, B. Gupta, Cross-site scripting (xss) attacks and defense mechanisms: classiﬁcation and state-of-the-art, Int. J. Syst. Assur. Eng. Manag. 8 (2017) 512-530.

[14]	X. Luo, J. Li, W. Wang, Y. Gao, W. Zhao, Towards improving detection performance for malware with correntropy-based deep learning method, Digit. Commun. Networks 7 (4) (2021) 570-579.

[15]

I. Parameshwaran, E. Budianto, S. Shinde, H. Dang, A. Sadhu, P. Saxena, Dexterjs: robust testing platform for dom-based xss vulnerabilities,in:Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2015, Association for Computing Machinery, ACM, 2015, pp. 946-949.

[16]	S. Lekies, B. Stock, M. Johns, 25 million flows later: large-scale detection of dom-based xss,in:Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS ’13, Association for Computing Machinery, ACM, 2013, pp. 1193-1204.

[17]	B. Stock, S. Lekies, T. Mueller, P. Spiegel, M. Johns, Precise client-side protection against dom-based cross-site scripting, in: Proceedings of the 23rd USENIX Conference on Security Symposium, SEC’14, USENIX Association, 2014, pp. 655-670.

[18]	J. Mack, Y.-H.F. Hu, M.A. Hoppa, A study of existing cross-site scripting detection and prevention techniques using xampp and virtualbox, Va. J. Sci. 70 (2019) 1.

[19]	L.K. Shar, L.C. Briand, H.B.K. Tan, Web application vulnerability prediction using hybrid program analysis and machine learning, IEEE Trans. Dependable Secure Comput. 12 (6) (2015) 688-707.

[20]	R. Yang, D. Qu, Y. Gao, Y. Qian, Y. Tang, nlsalog: an anomaly detection framework for log sequence in security management, IEEE Access 7 (2019) 181152-181164.

[21]	S. Wang, X. Wang, S. Wang, D. Wang, Bi-directional long short-term memory method based on attention mechanism and rolling update for short-term load forecasting, Int. J. Electr. Power Energy Syst. 109 (2019) 470-479, https://doi.org/ 10.1016/j.ijepes.2019.02.022.

[22]	P. Prakash, M. Kumar, R.R. Kompella, M. Gupta, Phishnet: Predictive Blacklisting to Detect Phishing Attacks, 2010 Proceedings IEEE INFOCOM, 2010, pp. 1-5.

[23]	B. Sun, M. Akiyama, T. Yagi, M. Hatada, T. Mori, Automating url blacklist generation with similarity search approach, IEICE Trans. Info Syst. E99D (4) (2016) 873-882.

[24]	J. Ma, L.K. Saul, S. Savage, G.M. Voelker, Beyond blacklists: learning to detect malicious web sites from suspicious urls,in:Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD ’09, Association for Computing Machinery, ACM, 2009, pp. 1245-1254.

[25]

R. Wang, X. Jia, Q. Li, S. Zhang, Machine learning based cross-site scripting detection in online social network, in: 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS), 2014, pp. 823-826, https://doi.org/10.1109/HPCC.2014.137.

[26]	S.P.K. Rathore, Shailendra, J.H. Park, Xssclassiﬁer: an efﬁcient xss attack detection approach based on machine learning classiﬁer on snss, J. Inf. Process. Syst. 13 (4)(2017) 1014-1028.

[27]

J. Yang, P. Yang, X. Jin, Q. Ma, Multi-classiﬁcation for malicious url based on improved semi-supervised algorithm, in: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), vol. 1, 2017, pp. 143-150, https://doi.org/10.1109/CSE-EUC.2017.34.

[28]	Y. Wang, W.-d. Cai, P.-c. Wei, A deep learning approach for detecting malicious javascript code, Secur. Commun. Network. 9 (11) (2016) 1520-1534.

[29]	Y. Fang, Y. Li, L. Liu, C. Huang, Deepxss: cross site scripting detection based on deep learning,in:Proceedings of the 2018 International Conference on Computing and Artiﬁcial Intelligence, ICCAI 2018, Association for Computing Machinery, ACM, 2018, pp. 47-51.

[30]	J. Saxe, K. Berlin, Expose: A Character-Level Convolutional Neural Network with Embeddings for Detecting Malicious Urls, File Paths and Registry Keys, CoRR. arXiv:1702.08568.

[31]	A.M. Vartouni, S.S. Kashi, M. Teshnehlab, An anomaly detection method to detect web attacks using stacked auto-encoder, in: 2018 6th Iranian Joint Congress on Fuzzy and Intelligent Systems, CFIS, 2018, pp. 131-134.

[32]	D. Kar, S. Panigrahi, S. Sundararajan, Sqlidds: sql injection detection using query transformation and document similarity,in: R. Natarajan, G. Barua, M.R. Patra (Distributed Computing and Internet Technology,Eds.), Springer International Publishing, Cham, 2015, pp. 377-390.

[33]	A.C. Bahnsen, E.C. Bohorquez, S. Villegas, J. Vargas, F.A. Gonzalez, Classifying phishing urls using recurrent neural networks, in: 2017 APWG Symposium on Electronic Crime Research (eCrime), APWG, 2017, pp. 1-8.

[34]	N. Shone, T.N. Ngoc, V.D. Phai, Q. Shi, A deep learning approach to network intrusion detection, IEEE Trans. Emerg. Top. Comput. Intell. 2 (1) (2018) 41-50.

[35]	F.M.M. Mokbal, W. Dan, A. Imran, L. Jiuchuan, F. Akhtar, W. Xiaoxi, Mlpxss: an integrated xss-based attack detection scheme in web applications using multilayer perceptron technique, IEEE Access 7 (2019) 100567-100580.

[36]	Z. Xue, J. Wei, W. Guo, A real-time naive bayes classiﬁer accelerator on fpga, IEEE Access 8 (2020) 40755-40766.

[37]	L. Dou, X. Li, H. Ding, L. Xu, H. Xiang, irna-m5cnb: a novel predictor to identify rna 5-methylcytosine sites based on the naive bayes classiﬁer, IEEE Access 8 (2020) 84906-84917.

[38]	X. Liu, R. Lu, J. Ma, L. Chen, B. Qin, Privacy-preserving patient-centric clinical decision support system on naïve bayesian classiﬁcation, IEEE J. Biomed. Health Inf. 20 (2) (2016) 655-668.

[39]	R.M.A. Mohammad, An enhanced multiclass support vector machine model and its application to classifying ﬁle systems affected by a digital crime, J. King Saud Univ. Comput. Inf. Sci. 34 (2) (2022) 179-190.

[40]	S. Kalyani, K. Shanti Swarup, Classiﬁcation and assessment of power system security using multiclass svm, IEEE Trans. Syst. Man Cybern. C (Appl. Rev.) 41 (5)(2011) 753-758.

[41]	N.R. Sabar, X. Yi, A. Song, A bi-objective hyper-heuristic support vector machines for big data cyber-security, IEEE Access 6 (2018) 10421-10431.

[42]	X. Zhao, J. Zhang, X. Qin, k nn-dp: Handling data skewness in knn joins using mapreduce, IEEE Trans. Parallel Distr. Syst. 29 (3) (2018) 600-613.

[43]	S. Zhang, X. Li, M. Zong, X. Zhu, R. Wang, Efﬁcient knn classiﬁcation with different numbers of nearest neighbors, IEEE Transact. Neural Networks Learn. Syst. 29 (5)(2018) 1774-1785.

[44]	Y. Liang, C. Sun, J. Jiang, X. Liu, H. He, Y. Xie, An efﬁciency-improved clustering algorithm based on knn under ultra-dense network, IEEE Access 8 (2020) 43796-43805.

[45]	L. Fan, L. Liu, H. Gao, Z. Ma, Y. Wu, Secure k-nearest neighbor queries in two-tiered mobile wireless sensor networks, Digit. Commun. Network 7 (2) (2021) 247-256.

[46]	C. Liao, H. Shuai, L. Wang, Rnn-assisted network coding for secure heterogeneous internet of things with unreliable storage, IEEE Internet Things J. 6 (5) (2019) 7608-7622.

[47]	Z. Lin, Y. Huang, J. Wang, Rnn-sm: fast steganalysis of voip streams using recurrent neural network, IEEE Trans. Inf. Forensics Secur. 13 (7) (2018) 1854-1868.

[48]	S. Akcay, M.E. Kundegorski, C.G. Willcocks, T.P. Breckon, Using deep convolutional neural network architectures for object classiﬁcation and detection within x-ray baggage security imagery, IEEE Trans. Inf. Forensics Secur. 13 (9) (2018) 2203-2215.

[49]	G.H. Minari, F.A.d. Silva, D.R. Pereira, L.L.d. Almeida, M.A. Pazoti, A.O. Artero, V. H. Albuquerque, Anomalies identiﬁcation in images from security video cameras using mask r-cnn, IEEE Latin Am. Trans. 18 (3) (2020) 530-536.

[50]	P. Ma, B. Jiang, Z. Lu, N. Li, Z. Jiang, Cybersecurity named entity recognition using bidirectional long short-term memory with conditional random ﬁelds, Tsinghua Sci. Technol. 26 (3) (2021) 259-265.

[51]	J. Han, H. Liu, M. Wang, Z. Li, Y. Zhang, Era-lstm: an efﬁcient reram-based architecture for long short-term memory, IEEE Trans. Parallel Distr. Syst. 31 (6)(2020) 1328-1342.

[52]	Github, Xss-payloads, online data, https://github.com/pgaijin66/xss-payloads/blob/master/payload/payload.txt, 2020. (Accessed October 2020).

[53]	Kaggle, Url Classiﬁcation Dataset online data, 2020. source url: https://www.kaggle.com/shawon10/url-classiﬁcation-dataset-dmoz?select¼urlþclassiﬁcation.csv. (Accessed October 2020).

[54]	Github, Cross site scripting (xss) vulnerability payload list, source url : https://github.com/ismailtasdelen/xss-payload-list, 2020.

[55]	Github, Seclists,2020 source url : https://github.com/danielmiessler/seclists/tree/master/miscellaneous/web.

[56]	X. Xie, C. Ren, Y. Fu, J. Xu, J. Guo, Sql injection detection for web applications based on elastic-pooling cnn, IEEE Access 7 (2019) 151475-151481.