| The wave of technological advancement is driving the rapid development of the Internet. While the emergence of web applications brings users a simple and convenient experience, it also brings serious security problems such as cross-site scripting attacks. Cross-site scripting has the characteristics of flexible coding, complex variation rules, and rapid proliferation, so how to detect cross-site scripting accurately, efficiently, and quickly has long been a popular research topic in the field of web security. This paper addresses the problems of poor script readability, high dependency on domain knowledge, and insufficient feature extraction in existing detection methods. It proposes a cross-site scripting detection method based on deep learning, introduces natural language processing techniques into cross-site scripting detection, and designs a detection model with two-channel feature fusion embedded in a self-attention mechanism for automatically learning and extracting script features, which further improves detection precision while reducing the false positive rate and the false negative rate. The main work of this paper is as follows. 1. In response to the scarcity of datasets in the research area, a large number of cross-site scripting examples were collected from websites such as XSSed, and the attack principles, processes, and detection-bypass strategies were explored in depth. A data pre-processing pipeline comprising decoding, normalization, word splitting, and vectorization was designed to suit the characteristics of the original cross-site scripting dataset. A set of regularised word separation rules is designed from the perspective of text modeling, and the script sequences are divided into several sub-sequences. The Skip-gram model in the Word2vec algorithm is used to construct a cross-site scripting word vector matrix. 2. A cross-site scripting detection model based on multi-scale feature fusion, 3C-XSS, is constructed. A parallel architecture is adopted to learn the local correlation between script features of different granularity using one-dimensional convolutional layers with convolutional kernels of different sizes, and the multi-scale features are then fused to classify cross-site scripting. A cross-site scripting detection model, BLA-XSS, is constructed based on a bidirectional Long Short-Term Memory network and a self-attention mechanism. The self-attention mechanism is applied after the bidirectional Long Short-Term Memory network to strengthen the semantic features of scripts extracted by the network, so that the model focuses more on the features that contribute most to script classification and reduces the influence of weakly relevant features. The experimental results show that both the 3C-XSS and BLA-XSS models proposed in this paper outperform the baseline model in detection. 3. Based on the constructed 3C-XSS and BLA-XSS models, we propose the cross-site scripting detection model C-BLA with two-channel feature fusion embedded in a self-attention mechanism. A detection model consisting of parallel feature extraction channels is constructed. The results show that the method achieves a maximum detection precision of 99.8% compared to the baseline model and some existing detection methods, and achieves a low false positive rate of 0.22% and a low false negative rate of 1.42% in the model generalization ability evaluation experiments. |
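
The pre-processing stages named in item 1 (decoding, normalization, word splitting) and the generation of Skip-gram training pairs, as an added Python example that is not the paper's code. The tokenization regex, the URL and number placeholders, and the sample strings are assumptions constructed here, since the abstract does not give the paper's own rules.

```python
import html
import re
from urllib.parse import unquote

# Assumed word-splitting rules; the abstract does not list the paper's own.
TOKEN_RE = re.compile(r"""
    </?[a-z][a-z0-9]*     # tag opener or closer: <script, </script
  | "[^"]*" | '[^']*'     # quoted string kept as one token
  | [a-z_][\w.]*\(        # function-call opener: alert(
  | \w[\w.]*=?            # word, number, or attribute name: onerror=
  | [^\s\w]               # any other single punctuation character
""", re.VERBOSE)

def decode(s, max_rounds=5):
    """Undo nested URL and HTML-entity encoding until the text stops changing."""
    for _ in range(max_rounds):
        out = html.unescape(unquote(s))
        if out == s:
            break
        s = out
    return s

def normalize(s):
    """Lowercase; map URLs and numbers to placeholders (assumed rules)."""
    s = re.sub(r"https?://[^\s\"'<>)]+", "http://u", s.lower())
    return re.sub(r"\d+", "0", s)

def preprocess(raw):
    """decode -> normalize -> split into tokens."""
    return TOKEN_RE.findall(normalize(decode(raw)))

def skipgram_pairs(tokens, window=2):
    """(center, context) pairs, the training input of a Skip-gram model."""
    pairs = []
    for i, center in enumerate(tokens):
        lo, hi = max(0, i - window), min(len(tokens), i + window + 1)
        pairs.extend((center, tokens[j]) for j in range(lo, hi) if j != i)
    return pairs

# Constructed sample inputs, not taken from the paper's dataset.
SAMPLES = [
    "%253Cscript%253Ealert(1)%253C%252Fscript%253E",  # double URL-encoded
    '&lt;IMG SRC="http://example.com/a.png" onerror=alert(42)&gt;',  # entity-encoded
]

if __name__ == "__main__":
    for raw in SAMPLES:
        tokens = preprocess(raw)
        print(tokens, len(skipgram_pairs(tokens)))
```

Decoding runs to a fixed point because a single pass leaves the double-encoded sample as `%3Cscript%3E...`, which would tokenize as noise rather than as a script tag.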