Portal de Periódicos da CAPES

Resolving cross-site scripting attacks through genetic algorithm and reinforcement learning

2020; Elsevier BV; Volume: 168; Linguagem: Inglês

10.1016/j.eswa.2020.114386

1873-6793

Iram Tariq, Muddassar Azam Sindhu, Rabeeh Ayaz Abbasi, Akmal Saeed Khattak, Onaiza Maqbool, Ghazanfar Farooq Siddiqui,

Advanced Malware Detection Techniques

Cross Site Scripting (XSS) is one of the most frequently occurring vulnerability. The impact of XSS can vary from cosmetic to catastrophic damages. However, detection of XSS efficiently is still an open issue. Cross site scripting has been dealt with static and dynamic analysis previously. Both techniques have shortcomings and fail due to frequent variations in XSS payloads. Therefore, in this paper, we have proposed the use of Genetic Algorithm (GA) along with Reinforcement Learning (RL) and threat intelligence to overcome XSS attacks. For validation, the proposed approach is applied on a real dataset of XSS attacks. Results show better performance of our proposed approach when compared to the approaches reported in the literature. In addition to better performance, our method is not only flexible to changes in XSS payloads, but the results are also more understandable to end users. Moreover, our approach shows improvement when the number of attacks is increased.