TY - JOUR
T1 - XSSClassifier
T2 - An efficient XSS attack detection approach based on machine learning classifier on SNSs
AU - Rathore, Shailendra
AU - Sharma, Pradip Kumar
AU - Park, Jong Hyuk
N1 - Publisher Copyright:
© 2017 KIPS.
PY - 2017
Y1 - 2017
N2 - Social networking services (SNSs) such as Twitter, MySpace, and Facebook have become progressively significant with its billions of users. Still, alongside this increase is an increase in security threats such as crosssite scripting (XSS) threat. Recently, a few approaches have been proposed to detect an XSS attack on SNSs. Due to the certain recent features of SNSs webpages such as JavaScript and AJAX, however, the existing approaches are not efficient in combating XSS attack on SNSs. In this paper, we propose a machine learningbased approach to detecting XSS attack on SNSs. In our approach, the detection of XSS attack is performed based on three features: URLs, webpage, and SNSs. A dataset is prepared by collecting 1,000 SNSs webpages and extracting the features from these webpages. Ten different machine learning classifiers are used on a prepared dataset to classify webpages into two categories: XSS or non-XSS. To validate the efficiency of the proposed approach, we evaluated and compared it with other existing approaches. The evaluation results show that our approach attains better performance in the SNS environment, recording the highest accuracy of 0.972 and lowest false positive rate of 0.87.
AB - Social networking services (SNSs) such as Twitter, MySpace, and Facebook have become progressively significant with its billions of users. Still, alongside this increase is an increase in security threats such as crosssite scripting (XSS) threat. Recently, a few approaches have been proposed to detect an XSS attack on SNSs. Due to the certain recent features of SNSs webpages such as JavaScript and AJAX, however, the existing approaches are not efficient in combating XSS attack on SNSs. In this paper, we propose a machine learningbased approach to detecting XSS attack on SNSs. In our approach, the detection of XSS attack is performed based on three features: URLs, webpage, and SNSs. A dataset is prepared by collecting 1,000 SNSs webpages and extracting the features from these webpages. Ten different machine learning classifiers are used on a prepared dataset to classify webpages into two categories: XSS or non-XSS. To validate the efficiency of the proposed approach, we evaluated and compared it with other existing approaches. The evaluation results show that our approach attains better performance in the SNS environment, recording the highest accuracy of 0.972 and lowest false positive rate of 0.87.
KW - Cross-site scripting attack detection
KW - Dataset
KW - JavaScript
KW - Machine learning classifier
KW - Social networking services
UR - https://www.scopus.com/pages/publications/85029003429
U2 - 10.3745/JIPS.03.0079
DO - 10.3745/JIPS.03.0079
M3 - Article
AN - SCOPUS:85029003429
SN - 1976-913X
VL - 13
SP - 1014
EP - 1028
JO - Journal of Information Processing Systems
JF - Journal of Information Processing Systems
IS - 4
ER -