A hybrid of CNN and LSTM methods for securing web application against cross-site scripting attack

Raed Waheed Kadhim, Methaq Talib Gaata

Abstract


Cross-site scripting (XSS) is today one of the biggest threatthat could targeting the Web application. Based on study published by the open web applications security project (OWASP), XSS vulnerability has been present among the TOP 10 Web application vulnerabilities.Still,an important security-related issue remains how to effectively protect web applications from XSS attacks.In first part of this paper, a method for detecting XSS attack was proposed by combining convolutional neural network (CNN) with long short term memories (LSTM), Initially, pre-processing was applied to XSS Data Set by decoding, generalization and tokanization, and then word2vec was applied to convert words into word vectors in XSS payloads. And then we use the combination CNN with LSTM to train and test word vectors to produce a model that can be used in a web application. Based on the obtaned results, it is observed that the proposed model achevied an excellent result with accuracy of 99.4%.



DOI: http://doi.org/10.11591/ijeecs.v21.i2.pp%25p
Total views : 49 times

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

shopify stats IJEECS visitor statistics