An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments
Abstract Cloud Computing plays a pivotal role in facilitating the Internet of Things (IoT) and its diverse applications. Users frequently access and store data on remote servers in Cloud Computing environments through web browsers. Consequently, attackers may exploit vulnerabilities in web browsing...
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
SpringerOpen
2023-08-01
|
| Series: | Journal of Cloud Computing: Advances, Systems and Applications |
| Subjects: | |
| Online Access: | https://doi.org/10.1186/s13677-023-00483-x |
| _version_ | 1797451513261457408 |
|---|---|
| author | Xiaolong Li Tingting Wang Wei Zhang Xu Niu Tingyu Zhang Tengteng Zhao Yongji Wang Yufei Wang |
| author_facet | Xiaolong Li Tingting Wang Wei Zhang Xu Niu Tingyu Zhang Tengteng Zhao Yongji Wang Yufei Wang |
| author_sort | Xiaolong Li |
| collection | DOAJ |
| description | Abstract Cloud Computing plays a pivotal role in facilitating the Internet of Things (IoT) and its diverse applications. Users frequently access and store data on remote servers in Cloud Computing environments through web browsers. Consequently, attackers may exploit vulnerabilities in web browsing to embed malicious code into web pages, enabling them to launch attacks on remote servers in Cloud Computing environments. Due to its complexity, prevalence, and significant impact, XSS has consistently been recognized as one of the top ten web security vulnerabilities by OWASP. The existing XSS detection technology requires optimization: manual feature extraction is time-consuming and heavily reliant on domain knowledge, while the current confusion technology and complex code logic contribute to a decline in the identification of XSS attacks. This paper proposes a character-level bidirectional long-term and short-term memory network model based on a multi-attention mechanism. The bidirectional long-term and short-term memory network ensures the association of current features with preceding and subsequent text, while the multi-attention mechanism extracts additional features from different feature subspaces to enhance the understanding of text semantics. Experimental results demonstrate the effectiveness of the proposed model for XSS detection, with an F1 score of 98.71%. |
| first_indexed | 2024-03-09T14:55:44Z |
| format | Article |
| id | doaj.art-f9264b62debd4277bff9ce738af01c0f |
| institution | Directory Open Access Journal |
| issn | 2192-113X |
| language | English |
| last_indexed | 2024-03-09T14:55:44Z |
| publishDate | 2023-08-01 |
| publisher | SpringerOpen |
| record_format | Article |
| series | Journal of Cloud Computing: Advances, Systems and Applications |
| spelling | doaj.art-f9264b62debd4277bff9ce738af01c0f2023-11-26T14:14:57ZengSpringerOpenJournal of Cloud Computing: Advances, Systems and Applications2192-113X2023-08-0112111210.1186/s13677-023-00483-xAn LSTM based cross-site scripting attack detection scheme for Cloud Computing environmentsXiaolong Li0Tingting Wang1Wei Zhang2Xu Niu3Tingyu Zhang4Tengteng Zhao5Yongji Wang6Yufei Wang7Beijing Institute of Control and Electronics TechnologyBeijing Institute of Control and Electronics TechnologyBeijing Institute of Control and Electronics TechnologyBeijing Institute of Control and Electronics TechnologyBeijing Institute of Control and Electronics TechnologyBeijing Institute of Control and Electronics TechnologyState Key Laboratory of Networking and Switching Technology, Beijing University of Posts and TelecommunicationsState Key Laboratory of Networking and Switching Technology, Beijing University of Posts and TelecommunicationsAbstract Cloud Computing plays a pivotal role in facilitating the Internet of Things (IoT) and its diverse applications. Users frequently access and store data on remote servers in Cloud Computing environments through web browsers. Consequently, attackers may exploit vulnerabilities in web browsing to embed malicious code into web pages, enabling them to launch attacks on remote servers in Cloud Computing environments. Due to its complexity, prevalence, and significant impact, XSS has consistently been recognized as one of the top ten web security vulnerabilities by OWASP. The existing XSS detection technology requires optimization: manual feature extraction is time-consuming and heavily reliant on domain knowledge, while the current confusion technology and complex code logic contribute to a decline in the identification of XSS attacks. This paper proposes a character-level bidirectional long-term and short-term memory network model based on a multi-attention mechanism. The bidirectional long-term and short-term memory network ensures the association of current features with preceding and subsequent text, while the multi-attention mechanism extracts additional features from different feature subspaces to enhance the understanding of text semantics. Experimental results demonstrate the effectiveness of the proposed model for XSS detection, with an F1 score of 98.71%.https://doi.org/10.1186/s13677-023-00483-xNetwork securityXSS detectionBidirectional long-term and short-term memory networkMulti-head Attention mechanism |
| spellingShingle | Xiaolong Li Tingting Wang Wei Zhang Xu Niu Tingyu Zhang Tengteng Zhao Yongji Wang Yufei Wang An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments Journal of Cloud Computing: Advances, Systems and Applications Network security XSS detection Bidirectional long-term and short-term memory network Multi-head Attention mechanism |
| title | An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments |
| title_full | An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments |
| title_fullStr | An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments |
| title_full_unstemmed | An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments |
| title_short | An LSTM based cross-site scripting attack detection scheme for Cloud Computing environments |
| title_sort | lstm based cross site scripting attack detection scheme for cloud computing environments |
| topic | Network security XSS detection Bidirectional long-term and short-term memory network Multi-head Attention mechanism |
| url | https://doi.org/10.1186/s13677-023-00483-x |
| work_keys_str_mv | AT xiaolongli anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT tingtingwang anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT weizhang anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT xuniu anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT tingyuzhang anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT tengtengzhao anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT yongjiwang anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT yufeiwang anlstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT xiaolongli lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT tingtingwang lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT weizhang lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT xuniu lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT tingyuzhang lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT tengtengzhao lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT yongjiwang lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments AT yufeiwang lstmbasedcrosssitescriptingattackdetectionschemeforcloudcomputingenvironments |