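A CNN-Based XSS Detection Method
First published: 2019-04-30
Abstract: XSS is a major threat in the Web domain. It exploits Web security vulnerabilities and its attack techniques are varied; traditional detection methods based on rule matching struggle to cope with new variants and are easily bypassed, so their detection results are not especially good. To address this, we take the payloads of XSS attacks as our object of study and propose an XSS detection model based on a convolutional neural network, using its ability to extract high-dimensional features of XSS payloads to tackle the problem. In this paper, we use the payload library of BruteXSS, a well-regarded tool in the security field, as the validation dataset, and compare the detection performance of the CNN detection model with that of the traditional rule-matching-based ModSecurity method. The experimental results show that the CNN detection model achieves higher precision, accuracy and recall, demonstrating that it is more effective at detecting XSS payloads.
Keywords: information security; CNN; XSS; ModSecurity; BruteXSS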
An Approach to Detect XSS Exploits Based on CNN
Abstract: Cross Site Scripting (XSS) has always been a major threat in the field of web application security. Traditional methods, such as rule-matching-based XSS exploit detection solutions, are inefficient at coping with ever-changing XSS techniques, and there is always a risk of variants bypassing them. In this paper, we extract XSS attack related payloads from network flow and propose an XSS exploit detection model based on a Convolutional Neural Network (CNN), which takes advantage of the high-dimensional features of XSS behavior to deal with this issue. The proposed approach was tested on the XSS payload library of the well-known tool BruteXSS, alongside ModSecurity, which is the representative rule-matching-based method. The experimental results show that the CNN-based model has higher accuracy, precision and recall, which validates its detection effectiveness and robustness against obfuscation of attacks.
Keywords: Information Security CNN XSS ModSecurity BruteXSS