基于遗传算法和支持向量机的XSS攻击检测方法

马征; 陈学斌; 张国鹏; 翟冉

doi:10.3969/j.issn.1671-7775.2024.06.009

PDF(1955 KB)

江苏大学学报（自然科学版） ›› 2024, Vol. 45 ›› Issue (6) : 686-693. DOI: 10.3969/j.issn.1671-7775.2024.06.009

计算机与通信工程

基于遗传算法和支持向量机的XSS攻击检测方法

作者信息 +

XSS attack detection method based on genetic algorithm and support vector machine

Author information +

文章历史 +

摘要

针对现有基于过滤器、动态分析、静态分析等的解决方案在检测未知 XSS 攻击方面效果不佳的问题，利用机器学习方法可高效检测出未知 XSS 攻击的特点，提出一种基于遗传算法和支持向量机的XSS攻击检测模型.通过模糊测试生成XSS攻击预样本，利用遗传算法搜索特征空间，迭代生成最优测试用例，从而扩充数据集、丰富XSS攻击向量库.给出了基于遗传算法和支持向量机的攻击检测模型，确定了XSS测试用例编码规则.进行了适应度函数设计，完成了选择算子、交叉算子、变异算子的设计.从准确率、召回率、误报率和F1值来评价分类器的检测效果，结果表明：该模型准确率达到了99.5%；对比其他检测方法，该检测模型具有更好的检测效果，并且召回率和误报率也有明显改善.

Abstract

To solve the poor performance problem of the existing solutions based on filters, dynamic analysis and static analysis in detecting unknown XSS attacks, the machine learning methods were used to efficiently detect unknown XSS attacks, and the XSS attack detection model was proposed based on genetic algorithm and support vector machine. The fuzzy testing was used to generate XSS attack pre samples, and the genetic algorithm was used to search the feature space. The optimal test cases were iteratively generate, and the dataset was expanded to enrich the XSS attack vector library. The attack detection model was proposed based on genetic algorithm and support vector machine, and the coding rules for XSS test cases were determined. The fitness function was designed, and the designs of selection operator, crossover operator and mutation operator were completed. The detection performance of the classifier was evaluated based on accuracy, recall, false positive rate and F1 score. The results show that the accuracy of the model can reach 99.5%. Compared with other detection methods, the proposed detection model has better detection performance with high recall rate and low false positive rate.

导出引用

马征, 陈学斌, 张国鹏, 等. 基于遗传算法和支持向量机的XSS攻击检测方法[J]. 江苏大学学报（自然科学版）, 2024, 45(6): 686-693 https://doi.org/10.3969/j.issn.1671-7775.2024.06.009

MA Zheng, CHEN Xuebin, ZHANG Guopeng, et al. XSS attack detection method based on genetic algorithm and support vector machine[J]. Journal of Jiangsu University(Natural Science Edition), 2024, 45(6): 686-693 https://doi.org/10.3969/j.issn.1671-7775.2024.06.009

参考文献

［1］KORAC＇ D, DAMJANOVIC＇ B, SIMIC＇ D, et al. A hybrid XSS attack (HYXSSA) based on fusion approach: challenges, threats and implications in cybersecurity[J]. Journal of King Saud UniversityComputer and Information Sciences,2022,34:9284-9300. ［2］冯亦彤.基于攻击向量自动生成的XSS漏洞检测系统的研究与设计[D].北京：北京邮电大学,2019. ［3］许丹丹,徐洋,张思聪,等.基于DCNNGRU模型的XSS攻击检测方法[J].计算机应用与软件,2022,39(2):324-329. XU D D, XU Y, ZHANG S C, et al. XSS attack detection method based on DCNNGRU model[J]. Computer Applications and Software, 2022,39(2):324-329.(in Chinese) ［4］朱思猛,杜瑞颖,陈晶,等.基于循环神经网络的Web应用防火墙加固方案[J].计算机工程,2022,48(11):120-126. ZHU S M, DU R Y, CHEN J, et al. Web application firewall reinforcement scheme based on recurrent neural network[J]. Computer Engineering, 2022,48(11):120-126.(in Chinese) ［5］丁雪川,张伟峰,方菽兰,等.基于深度学习的跨站脚本攻击检测[J].技术与市场,2022,29(3):112-113. DING X C, ZHANG W F, FANG S L, et al. Crosssite scripting attack detection based on deep learning[J]. Technology and Market, 2022,29(3):112-113.(in Chinese) ［6］THAJEEL I K, SAMSUDIN K, HASHIM S J, et al. Machine and deep learningbased XSS detection approaches: a systematic literature review[J]. Journal of King Saud UniversityComputer and Information Sciences, DOI: 10.1016/j.jksuci.2023.101628. ［7］MARASHDIH A W, ZAABA Z F, SUWAIS K, et al. Web application security: an investigation on static analysis with other algorithms to detect cross site scripting[J]. Procedia Computer Science, 2019,161:1173-1181. ［8］顾兆军,李志平,张礼哲. 基于单分类支持向量机的XSS攻击检测研究[J]. 计算机应用与软件, 2021,38(6):299-305. GU Z J, LI Z P, ZHANG L Z. XSS attack detection based on OCSVM[J]. Computer Applications and Software, 2021,38(6):299-305.（in Chinese）［9］赵澄,陈君新,姚明海. 基于SVM分类器的XSS攻击检测技术[J]. 计算机科学, 2018,45(11A):356-360. ZHAO C, CHEN J X, YAO M H. XSS attack detection technology based on SVM classifier[J]. Computer Science, 2018, 45(11A):356-360.（in Chinese）［10］KAUR G, PANDE B, BHARDWAJ A, et al.Efficient yet robust elimination of XSS attack vectors from HTML5 web applications hosted on OSNbased cloud platforms[J]. Procedia Computer Science, 2018,125:669-675. ［11］ABU ALHAIJA Q. Costeffective detection system of crosssite scripting attacks using hybrid learning approach[J]. Results in Engineering, DOI: 10.1016/j.rineng.2023.101266. ［12］MARASHDIH A W, ZAABA Z F, SUWAIS K. Predicting input validation vulnerabilities based on minimal SSA features and machine learning[J]. Journal of King Saud UniversityComputer and Information Sciences, 2022,34(10PB):9311-9331.