MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique

MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique

Dynamic web applications play a vital role in providing resources manipulation and interaction between clients and servers. The features presently supported by browsers have raised business opportunities, by supplying high interactivity in web-based services, like web banking, e-commerce, social net...

Full description

Bibliographic Details
Main Authors: Fawaz Mahiuob Mohammed Mokbal, Wang Dan, Azhar Imran, Lin Jiuchuan, Faheem Akhtar, Wang Xiaoxi
Format: Article
Language:English
Published: IEEE 2019-01-01
Series:IEEE Access
Subjects:
Artificial neural network
cross-site scripting attack
detection
multilayer perceptrons
web application security
Online Access:https://ieeexplore.ieee.org/document/8756243/
id doaj-e84e14b8bbab42f38f6314ef6119457d
record_format Article
spelling doaj-e84e14b8bbab42f38f6314ef6119457d2021-04-05T17:19:07ZengIEEEIEEE Access2169-35362019-01-01710056710058010.1109/ACCESS.2019.29274178756243MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron TechniqueFawaz Mahiuob Mohammed Mokbal0https://orcid.org/0000-0002-2905-4729Wang Dan1Azhar Imran2https://orcid.org/0000-0003-3598-2780Lin Jiuchuan3Faheem Akhtar4https://orcid.org/0000-0001-6755-1972Wang Xiaoxi5College of Computer Science, Beijing University of Technology, Beijing, ChinaCollege of Computer Science, Beijing University of Technology, Beijing, ChinaCollege of Software Engineering, Beijing University of Technology, Beijing, ChinaKey Laboratory of Information Network Security of Ministry of Public Security, The Third Research Institute of Ministry of Public Security, Shanghai, ChinaCollege of Software Engineering, Beijing University of Technology, Beijing, ChinaState Grid Management College, Beijing, ChinaDynamic web applications play a vital role in providing resources manipulation and interaction between clients and servers. The features presently supported by browsers have raised business opportunities, by supplying high interactivity in web-based services, like web banking, e-commerce, social networking, forums, and at the same time, these features have brought serious risks and increased vulnerabilities in web applications that enable cyber-attacks to be executed. One of the common high-risk cyber-attack of web application vulnerabilities is cross-site scripting (XSS). Nowadays, XSS is still dramatically increasing and considered as one of the most severe threats for organizations, users, and developers. If the ploy is successful, the victim is at the mercy of the cybercriminals. In this research, a robust artificial neural network-based multilayer perceptron (MLP) scheme integrated with the dynamic feature extractor is proposed for XSS attack detection. The detection scheme adopts a large real-world dataset, the dynamic features extraction mechanism, and MLP model, which successfully surpassed several tests on an employed unique dataset under careful experimentation, and achieved promising and state-of-the-art results with accuracy, detection probabilities, false positive rate, and AUC-ROC scores of 99.32%, 98.35 %, 0.3%, and 99.02%, respectively. Therefore, it has the potentials to be applied for XSS-based attack detection in either the client-side or the server-side.https://ieeexplore.ieee.org/document/8756243/Artificial neural networkcross-site scripting attackdetectionmultilayer perceptronsweb application security
collection DOAJ
language English
format Article
sources DOAJ
author Fawaz Mahiuob Mohammed Mokbal
Wang Dan
Azhar Imran
Lin Jiuchuan
Faheem Akhtar
Wang Xiaoxi
spellingShingle Fawaz Mahiuob Mohammed Mokbal
Wang Dan
Azhar Imran
Lin Jiuchuan
Faheem Akhtar
Wang Xiaoxi
MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
IEEE Access
Artificial neural network
cross-site scripting attack
detection
multilayer perceptrons
web application security
author_facet Fawaz Mahiuob Mohammed Mokbal
Wang Dan
Azhar Imran
Lin Jiuchuan
Faheem Akhtar
Wang Xiaoxi
author_sort Fawaz Mahiuob Mohammed Mokbal
title MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
title_short MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
title_full MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
title_fullStr MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
title_full_unstemmed MLPXSS: An Integrated XSS-Based Attack Detection Scheme in Web Applications Using Multilayer Perceptron Technique
title_sort mlpxss: an integrated xss-based attack detection scheme in web applications using multilayer perceptron technique
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2019-01-01
description Dynamic web applications play a vital role in providing resources manipulation and interaction between clients and servers. The features presently supported by browsers have raised business opportunities, by supplying high interactivity in web-based services, like web banking, e-commerce, social networking, forums, and at the same time, these features have brought serious risks and increased vulnerabilities in web applications that enable cyber-attacks to be executed. One of the common high-risk cyber-attack of web application vulnerabilities is cross-site scripting (XSS). Nowadays, XSS is still dramatically increasing and considered as one of the most severe threats for organizations, users, and developers. If the ploy is successful, the victim is at the mercy of the cybercriminals. In this research, a robust artificial neural network-based multilayer perceptron (MLP) scheme integrated with the dynamic feature extractor is proposed for XSS attack detection. The detection scheme adopts a large real-world dataset, the dynamic features extraction mechanism, and MLP model, which successfully surpassed several tests on an employed unique dataset under careful experimentation, and achieved promising and state-of-the-art results with accuracy, detection probabilities, false positive rate, and AUC-ROC scores of 99.32%, 98.35 %, 0.3%, and 99.02%, respectively. Therefore, it has the potentials to be applied for XSS-based attack detection in either the client-side or the server-side.
topic Artificial neural network
cross-site scripting attack
detection
multilayer perceptrons
web application security
url https://ieeexplore.ieee.org/document/8756243/
work_keys_str_mv AT fawazmahiuobmohammedmokbal mlpxssanintegratedxssbasedattackdetectionschemeinwebapplicationsusingmultilayerperceptrontechnique
AT wangdan mlpxssanintegratedxssbasedattackdetectionschemeinwebapplicationsusingmultilayerperceptrontechnique
AT azharimran mlpxssanintegratedxssbasedattackdetectionschemeinwebapplicationsusingmultilayerperceptrontechnique
AT linjiuchuan mlpxssanintegratedxssbasedattackdetectionschemeinwebapplicationsusingmultilayerperceptrontechnique
AT faheemakhtar mlpxssanintegratedxssbasedattackdetectionschemeinwebapplicationsusingmultilayerperceptrontechnique
AT wangxiaoxi mlpxssanintegratedxssbasedattackdetectionschemeinwebapplicationsusingmultilayerperceptrontechnique
_version_ 1721539970037972992

Similar Items