文章基本信息

标题：Run-time Detection of Cross-site Scripting: A Machine-Learning Approach Using Syntactic-Tagging N-Gram Features
本地全文：下载
作者：Nurul Atiqah Abu Talib ; Kyung-Goo Doh
期刊名称：International Journal of Computer Science and Security (IJCSS)
电子版ISSN：1985-1553
出版年度：2022
卷号：16
期号：2
页码：9-27
语种：English
出版社：Computer Science Journals
摘要：Ensuring the security of web applications against cross-site scripting is practically a never-ending story. With the emergence of new applications with loaded payloads of open expressiveness and versatile functionalities to provide users with interactive services, the fight is even more challenging. A new feasible approach now in growing prominence is to use machine-learning classification. In this paper, we demonstrate an approach for payload ion through the translation of payloads into sentences of syntactic tags. This is to extract a normalized set of features of appropriate data and to minimize the problems of manually creating rules based on dangerous characteristics of payloads. We show that through ion and normalized features, we can accurately classify input payloads according to their proper categories. We assert that the security work is adequately informative to represent payloads and it can be more sustainable by using the automaton of machine-learning technique.
关键词：Cross-site Scripting;N-gram;Web Application Security;Supervised Machinelearning;Tagging;Syntactic Structure