Title: XSS attack prevention using machine learning

Authors: Kanav Raj Farishta; Vivek Kumar Singh; D. Rajeswari

Addresses: Department of Computer Science and Engineering, SRM Institute of Science and Technology, Kattankulathur, Tamil Nadu, India ' Department of Computer Science and Engineering, SRM Institute of Science and Technology, Kattankulathur, Tamil Nadu, India ' Department of Computer Science and Engineering, SRM Institute of Science and Technology, Kattankulathur, Tamil Nadu, India

Abstract: Web applications are extensively used all over the world-wide net. These are the applications that have made our regular day to day existence easy and straightforward. We share incredibly confidential information over the web and keeping the information confidential is the most important priority of these web-based applications. These web-based applications are vulnerable to different attacks, XSS and SQL injection being one of the most perceived attacks. Attackers inject malicious code into the web application and can cause cataclysmic harm to the person without his/her consent. Cross-site scripting (XSS) and SQL injection strikes are the most generally perceived sort of attacks that a web application experience. The XSS attack is caused by executing malicious code to a web browser which runs in the server about which the user is not aware of and is capable of catastrophic disaster. Recognising a script that is malicious or benign can keep an unwanted attack from happening and can help the web application from keeping the data of the users confidential. The work accentuates on a portion of the conceptual approaches to identify the XSS script on the customer side dependent on a portion of the highlights extracted from the vindictive contents.

Keywords: XSS attack; SQL injection; machine learning; K-NN; SVM; SG descent; random forest; precision; recall.

DOI: 10.1504/WRSTSD.2022.119322

World Review of Science, Technology and Sustainable Development, 2022 Vol.18 No.1, pp.45 - 50

Received: 25 Jun 2019
Accepted: 23 Jul 2020

Published online: 01 Dec 2021 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article