Noor Ullah Bacha¹, Songfeng Lu¹, Attiq Ur Rehman¹, Muhammad Idrees², Yazeed Yasin Ghadi³, Tahani Jaser Alahmadi^4,*

CMC-Computers, Materials & Continua, Vol.81, No.1, pp. 707-748, 2024, DOI:10.32604/cmc.2024.054780 - 15 October 2024

Abstract Cross-Site Scripting (XSS) remains a significant threat to web application security, exploiting vulnerabilities to hijack user sessions and steal sensitive data. Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats. This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms—Logistic Regression (LR), Support Vector Machines (SVM), eXtreme Gradient Boosting (XGBoost), Categorical Boosting (CatBoost), and Deep Neural Networks (DNN). Utilizing the XSS-Attacks-2021 dataset, which comprises 460 instances across various real-world traffic-related scenarios, this framework significantly enhances XSS attack detection. Our approach, which… More >

Abdulwahed Awad Almutairi¹, Shailendra Mishra^2,*, Mohammed AlShehri¹

Computer Systems Science and Engineering, Vol.40, No.3, pp. 1233-1248, 2022, DOI:10.32604/csse.2022.019427 - 24 September 2021

Abstract Web applications have become a widely accepted method to support the internet for the past decade. Since they have been successfully installed in the business activities and there is a requirement of advanced functionalities, the configuration is growing and becoming more complicated. The growing demand and complexity also make these web applications a preferred target for intruders on the internet. Even with the support of security specialists, they remain highly problematic for the complexity of penetration and code reviewing methods. It requires considering different testing patterns in both codes reviewing and penetration testing. As a… More >