Noor Ullah Bacha¹, Songfeng Lu¹, Attiq Ur Rehman¹, Muhammad Idrees², Yazeed Yasin Ghadi³, Tahani Jaser Alahmadi^4,*

CMC-Computers, Materials & Continua, Vol.81, No.1, pp. 707-748, 2024, DOI:10.32604/cmc.2024.054780 - 15 October 2024

Abstract Cross-Site Scripting (XSS) remains a significant threat to web application security, exploiting vulnerabilities to hijack user sessions and steal sensitive data. Traditional detection methods often fail to keep pace with the evolving sophistication of cyber threats. This paper introduces a novel hybrid ensemble learning framework that leverages a combination of advanced machine learning algorithms—Logistic Regression (LR), Support Vector Machines (SVM), eXtreme Gradient Boosting (XGBoost), Categorical Boosting (CatBoost), and Deep Neural Networks (DNN). Utilizing the XSS-Attacks-2021 dataset, which comprises 460 instances across various real-world traffic-related scenarios, this framework significantly enhances XSS attack detection. Our approach, which… More >

Qiurong Qin, Yueqin Li^*, Yajie Mi, Jinhui Shen, Kexin Wu, Zhenzhao Wang

CMC-Computers, Materials & Continua, Vol.80, No.1, pp. 843-874, 2024, DOI:10.32604/cmc.2024.051769 - 18 July 2024

Abstract In the era of the Internet, widely used web applications have become the target of hacker attacks because they contain a large amount of personal information. Among these vulnerabilities, stealing private data through cross-site scripting (XSS) attacks is one of the most commonly used attacks by hackers. Currently, deep learning-based XSS attack detection methods have good application prospects; however, they suffer from problems such as being prone to overfitting, a high false alarm rate, and low accuracy. To address these issues, we propose a multi-stage feature extraction and fusion model for XSS detection based on… More >