Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach

作     者：Muralitharan Krishnan Yongdo Lim Seethalakshmi Perumal Gayathri Palanisamy Muralitharan Krishnan;Yongdo Lim;Seethalakshmi Perumal;Gayathri Palanisamy

作者机构：IMSSungkyunkwan UniversitySuwon16419South Korea Department of MathematicsSungkyunkwan UniversitySuwon16419South Korea Department of Information TechnologyMadras Institute of TechnologyChennaiIndia Department of MathematicsPSG College of Arts and ScienceTamilnaduIndia 

出 版 物：《Digital Communications and Networks》 (数字通信与网络（英文版）)

年 卷 期：2024年第10卷第3期

页      面：716-727页

核心收录：

学科分类：0839[工学-网络空间安全] 08[工学] 

基　　金：supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MEST)No.2015R1A3A2031159 2016R1A5A1008055 

主　　题：Machine learning Deep neural networks Classification Stacking ensemble XSS attack URL encoding JScript/JavaScript Web security 

摘      要：Existing web-based security applications have failed in many situations due to the great intelligence of *** web applications,Cross-Site Scripting(XSS)is one of the dangerous assaults experienced while modifying an organization s or user s *** avoid these security challenges,this article proposes a novel,all-encompassing combination of machine learning(NB,SVM,k-NN)and deep learning(RNN,CNN,LSTM)frameworks for detecting and defending against XSS attacks with high accuracy and *** on the representation,a novel idea for merging stacking ensemble with web applications,termed“hybrid stacking,is *** order to implement the aforementioned methods,four distinct datasets,each of which contains both safe and unsafe content,are *** hybrid detection method can adaptively identify the attacks from the URL,and the defense mechanism inherits the advantages of URL encoding with dictionary-based mapping to improve prediction accuracy,accelerate the training process,and effectively remove the unsafe JScript/JavaScript keywords from the *** simulation results show that the proposed hybrid model is more efficient than the existing detection *** produces more than 99.5%accurate XSS attack classification results(accuracy,precision,recall,f1_score,and Receiver Operating Characteristic(ROC))and is highly resistant to XSS *** order to ensure the security of the server s information,the proposed hybrid approach is demonstrated in a real-time environment.