A Vulnerability Detection Method for Internet Cross-site Scripting Based on Relationship Diagram Convolutional Networks

Authors

  • Zhida Guo, Huizhou Power Supply Bureau of Guangdong Power Grid Co., Ltd, Huizhou 516000, China
  • Xiaoli Li, Huizhou Power Supply Bureau of Guangdong Power Grid Co., Ltd, Huizhou 516000, China
  • Ran Hu, Huizhou Power Supply Bureau of Guangdong Power Grid Co., Ltd, Huizhou 516000, China
  • Dapeng Wang, Zhuhai Power Supply Bureau of Guangdong Power Grid Co., Ltd, Zhuhai 519000, China
  • Weijie Song, Zhuhai Power Supply Bureau of Guangdong Power Grid Co., Ltd, Zhuhai 519000, China

DOI:

https://doi.org/10.13052/jwe1540-9589.2424

Keywords:

Relationship diagram, convolutional network, Internet, cross-site scripting, vulnerability detection, word vector

Abstract

The aim of this research is to quickly detect cross-site scripting (XSS) attacks on the internet using relationship diagram convolutional networks. Starting from the principle and attack process of cross-site scripting, domain knowledge is used to build an XSS ontology that models these attacks at a high level and yields data that reflects XSS attacks. The attack data are normalized and their word vectors are extracted and used as the input of a relationship diagram convolutional network augmented with an attention mechanism, which learns the attack feature word vectors. After node characteristics are further extracted through convolution and pooling, all node characteristics are aggregated and fed into a fully connected neural network, and the XSS vulnerability detection results are obtained through classification by the activation function. Malicious domain name and malicious IP information are combined as supplementary rules to improve the effectiveness of the relationship diagram convolutional network based detection. Experiments show that this method can accurately detect XSS vulnerabilities and provide comprehensive and accurate attack details. Its performance is better than that of the literature method, as reflected in higher accuracy, recall and F1 value and a leading area under the ROC curve. Detection is extremely fast, taking only 0.03 s, and combining malicious domain name and IP information further improves detection efficiency, enabling rapid response and effectively maintaining Internet security.

Author Biographies

Zhida Guo, Huizhou Power Supply Bureau of Guangdong Power Grid Co., Ltd, Huizhou 516000, China

Zhida Guo gained a master’s degree in Computer Science from Sun Yat-sen University in 2013. His research interests include network security. From 2013 to present he has worked at Huizhou Power Supply Corporation of Guangdong Power Grid Co. Ltd., Huizhou, China. He has published 6 academic papers and 7 patents.

Xiaoli Li, Huizhou Power Supply Bureau of Guangdong Power Grid Co., Ltd, Huizhou 516000, China

Xiaoli Li gained a Bachelor’s degree in Electrical Engineering and Automation from South China University of Technology in 2003. Her research interests include network security and digitalization. From 2003 to present she has worked at Huizhou Power Supply Corporation of Guangdong Power Grid Co. Ltd., Huizhou, China. She has published 7 academic papers.

Ran Hu, Huizhou Power Supply Bureau of Guangdong Power Grid Co., Ltd, Huizhou 516000, China

Ran Hu gained a Bachelor’s degree in Network Engineering from Guangdong University of Technology in 2015. Her research interests include network security. From 2015 to present she has worked at Huizhou Power Supply Corporation of Guangdong Power Grid Co. Ltd., Huizhou, China. She has published 4 academic papers and 5 patents.

Dapeng Wang, Zhuhai Power Supply Bureau of Guangdong Power Grid Co., Ltd, Zhuhai 519000, China

Dapeng Wang gained a Bachelor’s degree in Business Management and Business Information Systems from Northeast Electric Power University in 2005. His research interests include network security. From 2006 to present he has worked at Zhuhai Power Supply Corporation of Guangdong Power Grid Co. Ltd., Zhuhai, China. He has published 3 academic papers.

Weijie Song, Zhuhai Power Supply Bureau of Guangdong Power Grid Co., Ltd, Zhuhai 519000, China

Weijie Song gained a Bachelor’s degree in Network Security from Guangdong University of Technology in 2010. His research interests include network security. From 2010 to present he has worked at Zhuhai Power Supply Corporation of Guangdong Power Grid Co. Ltd., Zhuhai, China. He has published 3 academic papers.

Published

2025-04-23

How to Cite

Guo, Z., Li, X., Hu, R., Wang, D., & Song, W. (2025). A Vulnerability Detection Method for Internet Cross-site Scripting Based on Relationship Diagram Convolutional Networks. Journal of Web Engineering, 24(02), 243–266. https://doi.org/10.13052/jwe1540-9589.2424

Section

Articles