AN IMPROVING PERFORMANCE DISTRIBUTED FRAMEWORK FOR DETECTION OF CROSS WEBSITE SCRIPTING ATTACK
Main Article Content
Article Sidebar
Abstract
Purpose: The purpose of this project is to develop an intrusion detection system that can detect XSS attacks. To detect an XSS threat, an attack signature is used.
Methodology: The framework is divided into 3 levels: software testing service, XSS finder, and XSS elimination. It detects XSS attacks using Techniques of template matching, unit testing and taint-based analysis. The XSS attack elimination process eliminates the escape of untrusted knowledge by abusing the industry norm for bar rules through the sanitisation technique.
Findings: Most people are now wishing on the internet for our endless hours of hard work; this has increased the opportunity for criminals to corrupt data and create compromised systems. Today, a variety of rational attacks are being launched in cyberspace, with Cross-Site Scripting (Web Application Attack) being one of the most prominent. designed function, propose an outline for a device that could be vulnerable to a An Intrusion Detection System (IDS) is attacked with a Cross-Site Scripting (XSS) attack. An XSS (cross-site scripting) attack is a crucial flaw that jeopardises the security of web services. It is a form of security breach where an aggressor injects hazardous script into a software server, either on the client-side inside the consumer’s browser or on the service handside. This well-thought-out method is focused on the case and maintains a log of multiple data breaches. That are variables and are mainly concerned with malicious tags and attributes.
Originality/value: This study provides how XSS attacks continue to target web application vulnerabilities in order to capture user credentials. Future analysis will focus on developing a defence concept that employs mining of data and machine algorithm strategies to locate and avoid the grip on DOM-based XSS attacks, reducing pessimist and optimistic results.
How to Cite
Article Details
Intrusion Detection Scheme (IDS), Cross-Site Scripting (XSS), convolutional neural network (CNN), malicious attackers, Cyber Security, deep learning.
[2]. B. K. Ayeni, J. B. Sahalu, and K. R. Adeyanju, “Detecting Cross-Site Scripting in Web Applications Using Fuzzy Inference System,” J. Computer. Networks Common., vol.2018, pp. 1–10, Aug. 2018.
[3]. S. Elad, S. Renny, M. Martin, and F. Amanda, “State of the Internet Security-Credential Stuffing Attacks Report”, vol. 4, no. 4, Akamai, 2018.
[4]. S. Gupta and B. B. Gupta, “Cross-Site Scripting (XSS) attacks and defence mechanisms: classification and state-of-the-art,” International Journal of Systems Assurance Engineering and Management, vol. 8. Springer India, pp. 512–530, 2018.
[5]. H. B. Kazemian and S. Ahmed, “Comparisons of machine learning techniques for detecting malicious webpages,” Expert Syst. Appl., vol. 42, no. 3, pp. 1166–1177,2019.
[6]. U. Sarmah, D. K. Bhattacharyya, and J. K. Kalita, “A survey of detection methods forXSS attacks,” J. Network. Computer. Appl., vol. 118, pp. 113–143, 2018.
[7]. Chelliah et al., “Location-Aware Collaborative Filtering for Web Service Recommendations Based on User and Service History.,” Journal of Engineering Science & Technology Review, vol. 10 (5), pp. 190-194, 2017.
[8]. G. Deepa and P. S. Thilagam, “Securing web applications from injection and logic vulnerabilities: Approaches and challenges,” Inf. Software. Technol., vol. 74, pp. 160–180,2018