检索结果-南通市图书馆

Deploying Hybrid EnsembleMachine Learning Techniques for Effective Cross-Site Scripting (xss) Attack detection

Computers, Materials and Continua 2024年第1期81卷 707-748页

作者： Bacha N.U. Lu S. Ur Rehman A. Idrees M. Ghadi Y.Y. Alahmadi T.J. School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan 430073 China Department of Computer Science and Engineering University of Engineering and Technology Lahore 54000 Pakistan Department of Computer Science and Software Engineering Al Ain University Al Ain Abu Abu Dhabi 12555 United Arab Emirates Department of Information Systems College of Computer and Information Sciences Princess Nourah bint Abdulrahman University Riyadh 84428 Saudi Arabia

Cross-Site Scripting (xss) remains a significant threat to web application security, exploiting vulnerabilities to hijack user sessions and steal sensitive data. Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats. This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms-Logistic Regression (LR), Support Vector Machines (SVM), eXtreme Gradient Boosting (XGBoost), Categorical Boosting (CatBoost), and Deep Neural Networks (DNN). Utilizing the xss-Attacks-2021 dataset, which comprises 460 instances across various real-world trafficrelated scenarios, this framework significantly enhances xss attack detection. Our approach, which includes rigorous feature engineering and model tuning, not only optimizes accuracy but also effectively minimizes false positives (FP) (0.13%) and false negatives (FN) (0.19%). This comprehensive methodology has been rigorously validated, achieving an unprecedented accuracy of 99.87%. The proposed system is scalable and efficient, capable of adapting to the increasing number of web applications and user demands without a decline in performance. It demonstrates exceptional real-time capabilities, with the ability to detect xss attacks dynamically, maintaining high accuracy and low latency even under significant loads. Furthermore, despite the computational complexity introduced by the hybrid ensemble approach, strategic use of parallel processing and algorithmtuning ensures that the system remains scalable and performs robustly in real-time applications. Designed for easy integration with existing web security systems, our framework supports adaptable Application Programming Interfaces (APIs) and a modular design, facilitating seamless augmentation of current defenses. This innovation represents a significant advancement in cybersecurity, offering a scalable and effective solution for securing modern web applications a

关键词： Cross-site scripting hybrid learning machine learning stacking ensemble learning xss detection

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Detecting xss with Random Forest and Multi-Channel Feature Extraction

引用

Computers, Materials & Continua 2024年第7期80卷 843-874页

作者： Qiurong Qin Yueqin Li Yajie Mi Jinhui Shen Kexin Wu Zhenzhao Wang Smart City College Beijing Union UniversityBeijing100101China

In the era of the Internet,widely used web applications have become the target of hacker attacks because they contain a large amount of personal *** these vulnerabilities,stealing private data through crosssite scripting(xss)attacks is one of the most commonly used attacks by ***,deep learning-based xss attack detection methods have good application prospects;however,they suffer from problems such as being prone to overfitting,a high false alarm rate,and low *** address these issues,we propose a multi-stage feature extraction and fusion model for xss detection based on Random Forest feature *** model utilizes RandomForests to capture the intrinsic structure and patterns of the data by extracting leaf node indices as features,which are subsequentlymergedwith the original data features to forma feature setwith richer information *** feature extraction is conducted through three parallel *** I utilizes parallel onedimensional convolutional layers(1Dconvolutional layers)with different convolutional kernel sizes to extract local features at different scales and performmulti-scale feature fusion;Channel II employsmaximum one-dimensional pooling layers(max 1D pooling layers)of various sizes to extract key features from the data;and Channel III extracts global information bi-directionally using a Bi-Directional Long-Short TermMemory Network(Bi-LSTM)and incorporates a multi-head attention mechanism to enhance global ***,effective classification and prediction of xss are performed by fusing the features of the three *** test the effectiveness of the model,we conduct experiments on six *** achieve an accuracy of 100%on the UNSW-NB15 dataset and 99.99%on the CICIDS2017 dataset,which is higher than that of the existing models.

关键词： Random forest feature enhancement three-channel parallelism xss detection

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Research on Key Technology of Web Vulnerability detection System Based on Cloud Environment

引用

International Journal of Technology Management 2013年第12期 121-124页

作者： Zhang Zhen Electronic Technology Dept. Engineering University of Armed Police Force Xi'an Shanxi

In the light of the defect of web vulnerability detection system, combined with the characteristics of high efficient and sharing in the cloud environment, a design proposal is presented based on cloud environment, which analyses the key technology of gaining the URL, task allocation and scheduling and the design of attack detection. Experiment shows its feasibility and effectiveness in this paper.

关键词： cloud technology web crawler task allocation and scheduling detection of SQL injection xss detection

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：