http://dx.doi.org/10.3745/JIPS.03.0079

XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs  

Rathore, Shailendra (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech))
Sharma, Pradip Kumar (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech))
Park, Jong Hyuk (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech))
Publication Information
Journal of Information Processing Systems / v.13, no.4, 2017, pp. 1014-1028
Abstract
Social networking services (SNSs) such as Twitter, MySpace, and Facebook have become progressively significant with their billions of users. Alongside this growth, however, comes an increase in security threats such as the cross-site scripting (XSS) threat. Recently, a few approaches have been proposed to detect XSS attacks on SNSs. Because of certain recent features of SNS webpages, such as JavaScript and AJAX, the existing approaches are not efficient at combating XSS attacks on SNSs. In this paper, we propose a machine learning-based approach to detecting XSS attacks on SNSs. In our approach, XSS attacks are detected based on three groups of features: URL features, webpage features, and SNS features. A dataset is prepared by collecting 1,000 SNS webpages and extracting these features from them. Ten different machine learning classifiers are applied to the prepared dataset to classify webpages into two categories: XSS or non-XSS. To validate the efficiency of the proposed approach, we evaluated it and compared it with other existing approaches. The evaluation results show that our approach attains better performance in the SNS environment, recording the highest accuracy of 0.972 and lowest false positive rate of 0.87.
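As an added illustration of the feature-extraction step the abstract describes (this is not the paper's own code, and the abstract does not list the paper's exact features, so every feature definition below is an assumption), the following Python builds a numeric vector from the three feature groups named above, URL, webpage and SNS context, for a constructed benign page and a constructed page carrying an injected script probe. The vectors are the kind of rows a classifier such as those the paper evaluates would be trained on; the classifier itself is not shown.

```python
import re
from urllib.parse import urlparse, unquote

# Assumed URL-level indicators of injected script (the paper's real feature list is not on this page).
SUSPICIOUS_TOKENS = ("<script", "javascript:", "onerror", "onload", "eval(", "document.cookie")
FEATURE_ORDER = ("url_len", "url_pct_encoded", "url_suspicious_tokens",
                 "html_script_tags", "html_event_handlers", "html_iframes",
                 "sns_external_domains")

def url_features(url: str) -> dict:
    """URL features: length, amount of percent-encoding, and script-like tokens after decoding."""
    decoded = unquote(url).lower()
    return {
        "url_len": len(url),
        "url_pct_encoded": len(re.findall(r"%[0-9a-fA-F]{2}", url)),
        "url_suspicious_tokens": sum(decoded.count(t) for t in SUSPICIOUS_TOKENS),
    }

def webpage_features(html: str) -> dict:
    """Webpage (document) features: script tags, inline event handlers, iframes."""
    lowered = html.lower()
    return {
        "html_script_tags": lowered.count("<script"),
        "html_event_handlers": len(re.findall(r"\son[a-z]+\s*=", lowered)),
        "html_iframes": lowered.count("<iframe"),
    }

def sns_features(url: str, html: str) -> dict:
    """Assumed SNS-context feature: distinct third-party hosts the page loads content from."""
    own_host = urlparse(url).hostname or ""
    hosts = set()
    for link in re.findall(r'(?:src|href)\s*=\s*["\']([^"\']+)', html, flags=re.I):
        host = urlparse(link).hostname
        if host and host != own_host:
            hosts.add(host)
    return {"sns_external_domains": len(hosts)}

def extract(url: str, html: str) -> dict:
    feats = {}
    for part in (url_features(url), webpage_features(html), sns_features(url, html)):
        feats.update(part)
    return feats

def vectorize(feats: dict) -> list:
    """Fixed-order numeric row suitable as classifier input."""
    return [feats[name] for name in FEATURE_ORDER]

# Constructed samples (not from the paper's dataset).
BENIGN_URL = "https://sns.example/profile/alice"
BENIGN_HTML = '<html><body><p>Welcome to my page.</p><a href="/photos">photos</a></body></html>'
PROBE_URL = "https://sns.example/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
PROBE_HTML = ('<html><body><div>Results for <script>alert(1)</script></div>'
              '<img src="http://cdn.example/x.png" onerror="alert(1)"></body></html>')
```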
Keywords
Cross-Site Scripting Attack Detection; Dataset; JavaScript; Machine Learning Classifier; Social Networking Services;