基于SVM分类器的XSS攻击检测技术

计算机科学 ›› 2018, Vol. 45 ›› Issue (11A): 356-360.

基于SVM分类器的XSS攻击检测技术

赵澄, 陈君新, 姚明海

浙江工业大学信息工程学院杭州310023

出版日期:2019-02-26 发布日期:2019-02-26
作者简介:赵澄(1985-),男,博士,高级工程师,主要研究方向为无线网络、数据安全、数据挖掘;陈君新(1992-),男,硕士,主要研究方向为网络安全与Web安全;姚明海 (1963-),男,博士,教授,CCF会员,主要研究方向为智能控制、模式识别、网络控制,E-mail:ymh@zjut.edu.cn。
基金资助:
本文受国家自然科学基金(61379123,61402414),浙江省教育厅资助项目(Y201431815)资助。

XSS Attack Detection Technology Based on SVM Classifier

ZHAO Cheng, CHEN Jun-xin, YAO Ming-hai

College of Information Engineering,Zhejiang University of Technology,Hangzhou 310023,China

Online:2019-02-26 Published:2019-02-26

摘要/Abstract

摘要： Web应用高速发展的同时产生了大量安全漏洞,跨站脚本攻击(XSS)就是危害最为严重的Web漏洞之一,而基于规则的传统XSS检测工具难以检测未知的和变形的XSS。为了应对未知的和变形的XSS,文中提出了一种基于支持向量机(SVM)分类器的XSS攻击检测方案。该方案在大量分析XSS攻击样本及其变形样本和正常样本的基础上,提取最具代表性的五维特征并将这些特征向量化,然后进行SVM算法的训练和测试。通过准确率、召回率和误报率3个指标来对分类器的检测效果进行评价,并优化特征提取方式。改进后的SVM分类器与传统工具和普通SVM相比性能均有所提升。

关键词: SVM分类器, 跨站脚本攻击, 特征向量化

Abstract: A large number of security vulnerabilities appeare with the development of Web applications,XSS is one of the most harmful Web vulnerabilities.To deal with the unknown XSS,a XSS detection scheme based on support vector machine (SVM) classifier was proposed.The most representative five dimensional features are extracted to support the training of machine algorithms based on a large number of analysis of XSS attack samples.The feasibility of the SVM classifier was verified based on accuracy,recall and false alarm rate.In addition,the characteristics of deformed XSS samples were added to optimize the performance of the classifier.The improved SVM classifier has better performance compared with traditional tools and ordinary SVM.

Key words: Feature vectorization, SVM classifier, XSS attack

中图分类号:

TP393

赵澄, 陈君新, 姚明海. 基于SVM分类器的XSS攻击检测技术[J]. 计算机科学, 2018, 45(11A): 356-360. https://doi.org/

ZHAO Cheng, CHEN Jun-xin, YAO Ming-hai. XSS Attack Detection Technology Based on SVM Classifier[J]. Computer Science, 2018, 45(11A): 356-360. https://doi.org/

参考文献

[1]张伟,吴灏,邹郅路.针对基于编码的跨站脚本攻击分析及防范方法[J].小型微型计算机系统,2013,34(7):1615-1619.
[2]SHASHANK G,GUPTA B B,POOJA C.Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network[J].Future Generation Computer Systems,2018,79(1):319-336.
[3]WANG W,LIU J Q,PITSILIS G,et al.Abstracting massive data for lightweight intrusion detection in computer networks[J].Information Sciences,2018,433:417-430.
[4]吴少华,程书宝,胡勇.基于SVM的Web攻击检测技术[J].计算机科学,2015,42(6A):362-364.
[5]MAHMOOD M,ALI Y V.New rule-based phishing detection method[J].Expert Systems With Applications,2016,53:231-242.
[6]SALAS M I P,MARTINS E.Security Testing Methodology for Vulnerabilities Detection of XSS in Web Services and WS-Securi-ty[J].Electronic Notes in Theoretical Computer Science,2014,302(302):133-154.
[7]ADEVA J J G,ATXA J M P.Inrusion detection in web application using text mining[J].Engineering Applications of Artificial Intelligence,2007,20(4):555-566.
[8]ROCHA T S,SOUTO E.ETSSDetector:A Tool to Automati-cally Detect Cross-Site Scripting Vulnerabilities[C]∥NetWork Computing and Applications.IEEE Computer Society,2014:306-309.
[9]BISHT P,VENKATAKRISHNAN V N.XSS-GUARD:Precise Dynamic Prevention of Cross-Site Scripting Attacks[C]∥In Proceeding of Conference on Detection of Intrusions and Malware & Vulnerability Assessment.2008:23-43.
[10]邱永华.XSS跨站脚本攻击剖析与防御[M].北京:人民邮电出版社,2013.
[11]AHUSBORDE E,AZAIEZ M,BELGACEM F B,et al.Mercer’s spectral decomposition for the characterization of thermal parameters[J].Journal of Computational Physics,2015,294(C):1-19.

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed