Journal: Computational Intelligence and Neuroscience

GeneMiner: A Classification Approach for Detection of XSS Attacks on Web Services


Abstract

According to OWASP 2021, cross-site scripting (XSS) attacks are increasing through specially crafted XML documents. The attacker injects a malicious payload with a new pattern and combination of scripts, functions, and tags that deceives the existing security mechanisms in web services. This paper proposes an approach, GeneMiner, encompassing GeneMiner-E to extract new features and GeneMiner-C to classify input payloads as malicious or nonmalicious. The proposed approach adapts to the changing patterns of attack payloads and identifies adversarial XSS attacks. The experiments were conducted by collecting data from open source and generating various combinations of scripts, functions, and tags using an incremental genetic algorithm. The experimental results show that the proposed approach effectively detects newly crafted malicious XSS payloads with an accuracy of 98.5, which is better than the existing classification techniques. The approach learns variations in the existing attack sample space and identifies new attack payloads with reduced effort.