Visible to the public Detecting Blind Cross-Site Scripting Attacks Using Machine Learning

TitleDetecting Blind Cross-Site Scripting Attacks Using Machine Learning
Publication TypeConference Paper
Year of Publication2018
AuthorsKaur, Gurpreet, Malik, Yasir, Samuel, Hamman, Jaafar, Fehmi
Conference NameProceedings of the 2018 International Conference on Signal Processing and Machine Learning
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-6605-2
Keywordscomposability, Cross Site Scripting, Cross-site scripting (XSS), governence, Human Behavior, information assurance, machine learning, Metrics, policy-based governance, pubcrawl, Resiliency, Scalability, software security, vulnerability detection, web security

Cross-site scripting (XSS) is a scripting attack targeting web applications by injecting malicious scripts into web pages. Blind XSS is a subset of stored XSS, where an attacker blindly deploys malicious payloads in web pages that are stored in a persistent manner on target servers. Most of the XSS detection techniques used to detect the XSS vulnerabilities are inadequate to detect blind XSS attacks. In this research, we present machine learning based approach to detect blind XSS attacks. Testing results help to identify malicious payloads that are likely to get stored in databases through web applications.

Citation Keykaur_detecting_2018