An efficient artificial intelligence approach for early detection of cross-site scripting attacks
Cross-Site Scripting (XSS) attacks continue to pose a significant threat to web applications, compromising the security and integrity of user data. XSS is a web application vulnerability where malicious scripts are injected into websites, allowing attackers to execute arbitrary code in the victim’s...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | , , , , |
| منشور في: |
2024
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | https://depot.sorbonne.ae/handle/20.500.12458/1580 |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| _version_ | 1857415063948754944 |
|---|---|
| author | Younas, Faizan |
| author2 | Raza, Ali Thalji, Nisrean Abualigah, Laith Abu Zitar, Raed Jia, Heming |
| author2_role | author author author author author |
| author_facet | Younas, Faizan Raza, Ali Thalji, Nisrean Abualigah, Laith Abu Zitar, Raed Jia, Heming |
| author_role | author |
| dc.creator.none.fl_str_mv | Younas, Faizan Raza, Ali Thalji, Nisrean Abualigah, Laith Abu Zitar, Raed Jia, Heming |
| dc.date.none.fl_str_mv | 2024-04-22T08:24:35Z 2024-04-22T08:24:35Z 2024 |
| dc.format.none.fl_str_mv | application/pdf |
| dc.identifier.none.fl_str_mv | 2772-6622 https://depot.sorbonne.ae/handle/20.500.12458/1580 10.1016/j.dajour.2024.100466 |
| dc.language.none.fl_str_mv | en |
| dc.relation.none.fl_str_mv | Decision Analytics Journal |
| dc.subject.none.fl_str_mv | Artificial intelligence Machine learning Deep learning Feature fusion Feature engineering Cross-site scripting attacks |
| dc.title.none.fl_str_mv | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| dc.type.none.fl_str_mv | Controlled Vocabulary for Resource Type Genres::text::periodical::journal::contribution to journal::journal article |
| description | Cross-Site Scripting (XSS) attacks continue to pose a significant threat to web applications, compromising the security and integrity of user data. XSS is a web application vulnerability where malicious scripts are injected into websites, allowing attackers to execute arbitrary code in the victim’s browser. The consequences of XSS attacks can be severe, ranging from financial losses to compromising sensitive user information. XSS attacks enable attackers to deface websites, distribute malware, or launch phishing campaigns, compromising the trust and reputation of affected organizations. This study proposes an efficient artificial intelligence approach for the early detection of XSS attacks, utilizing machine learning and deep learning approaches, including Long Short-Term Memory (LSTM). Additionally, advanced feature engineering techniques, such as the Term Frequency-Inverse Document Frequency (TFIDF), are applied and compared to evaluate results. We introduce a novel approach named LSTM-TFIDF (LSTF) for feature extraction, which combines temporal and TFIDF features from the cross-site scripting dataset, resulting in a new feature set. Extensive research experiments demonstrate that the random forest method achieved a high performance of 0.99, outperforming state-of-the-art approaches using the proposed features. A k-fold cross-validation mechanism is utilized to validate the performance of applied methods, and hyperparameter tuning further enhances the performance of XSS attack detection. We have applied Explainable Artificial Intelligence (XAI) to understand the interpretability and transparency of the proposed model in detecting XSS attacks. This study makes a valuable contribution to the growing body of knowledge on XSS attacks and provides an efficient model for developers and security practitioners to enhance the security of web applications. |
| id | sorbonner_1e288d5a2ed442c4daebc54a083feeb1 |
| identifier_str_mv | 2772-6622 10.1016/j.dajour.2024.100466 |
| language_invalid_str_mv | en |
| network_acronym_str | sorbonner |
| network_name_str | Sorbonne University Abu Dhabi repository |
| oai_identifier_str | oai:depot.sorbonne.ae:20.500.12458/1580 |
| publishDate | 2024 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | An efficient artificial intelligence approach for early detection of cross-site scripting attacksYounas, FaizanRaza, AliThalji, NisreanAbualigah, LaithAbu Zitar, RaedJia, HemingArtificial intelligenceMachine learningDeep learningFeature fusionFeature engineeringCross-site scripting attacksCross-Site Scripting (XSS) attacks continue to pose a significant threat to web applications, compromising the security and integrity of user data. XSS is a web application vulnerability where malicious scripts are injected into websites, allowing attackers to execute arbitrary code in the victim’s browser. The consequences of XSS attacks can be severe, ranging from financial losses to compromising sensitive user information. XSS attacks enable attackers to deface websites, distribute malware, or launch phishing campaigns, compromising the trust and reputation of affected organizations. This study proposes an efficient artificial intelligence approach for the early detection of XSS attacks, utilizing machine learning and deep learning approaches, including Long Short-Term Memory (LSTM). Additionally, advanced feature engineering techniques, such as the Term Frequency-Inverse Document Frequency (TFIDF), are applied and compared to evaluate results. We introduce a novel approach named LSTM-TFIDF (LSTF) for feature extraction, which combines temporal and TFIDF features from the cross-site scripting dataset, resulting in a new feature set. Extensive research experiments demonstrate that the random forest method achieved a high performance of 0.99, outperforming state-of-the-art approaches using the proposed features. A k-fold cross-validation mechanism is utilized to validate the performance of applied methods, and hyperparameter tuning further enhances the performance of XSS attack detection. We have applied Explainable Artificial Intelligence (XAI) to understand the interpretability and transparency of the proposed model in detecting XSS attacks. This study makes a valuable contribution to the growing body of knowledge on XSS attacks and provides an efficient model for developers and security practitioners to enhance the security of web applications.2024-04-22T08:24:35Z2024-04-22T08:24:35Z2024Controlled Vocabulary for Resource Type Genres::text::periodical::journal::contribution to journal::journal articleapplication/pdf2772-6622https://depot.sorbonne.ae/handle/20.500.12458/158010.1016/j.dajour.2024.100466enDecision Analytics Journaloai:depot.sorbonne.ae:20.500.12458/15802024-08-14T05:46:19Z |
| spellingShingle | An efficient artificial intelligence approach for early detection of cross-site scripting attacks Younas, Faizan Artificial intelligence Machine learning Deep learning Feature fusion Feature engineering Cross-site scripting attacks |
| title | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| title_full | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| title_fullStr | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| title_full_unstemmed | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| title_short | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| title_sort | An efficient artificial intelligence approach for early detection of cross-site scripting attacks |
| topic | Artificial intelligence Machine learning Deep learning Feature fusion Feature engineering Cross-site scripting attacks |
| url | https://depot.sorbonne.ae/handle/20.500.12458/1580 |