Employing Sequence to Sequence Neural Network Model for XSS Attack Detection

Cross-site scripting (XSS) attacks are considered one of the most prevalent types of attacks and have caused huge damage to individuals and organizations in the form of economic loss and intrusion into privacy. Several detection techniques have been used to find known threats using signatures obtained from network traffic. Researchers have developed many techniques based on machine learning to identify attacks without depending on known signatures of already known attacks. While a number of neural network-based methods to detect XSS attacks have been proposed by security experts, no one has attempted to detect XSS attacks using a sequence neural network model. We have proposed a novel approach called a sequence-to-sequence neural network (seq2seq) model to detect cross-site scripting attacks without depending on signatures of known attacks. Using seq2seq model for XSS detection is based on extracting features from web application code segments, then using them to predict whether a script contains malicious code. The seq2seq model is represented as a two-layer neural network, with the first layer processing the training samples in sequential order and the second layer responsible for the classification of each data sample. This dataset consists of 10100 instances of malicious and benign JavaScript. The Pearson correlation method was used for feature selection. All the experiments were conducted using Tenser flow and Keras. The experimental results that proposed seq2seq achieved an accuracy of 99.8%.