当前位置: X-MOL 学术Appl. Soft Comput. › 论文详情
Development of web browser prototype with embedded classification capability for mitigating Cross-Site Scripting attacks
Applied Soft Computing ( IF 5.472 ) Pub Date : 2020-12-24 , DOI: 10.1016/j.asoc.2020.106873
Vikas K. Malviya; Sawan Rai; Atul Gupta

Mitigation of Cross-Site Scripting (XSS) with machine learning techniques is the recent interest of researchers. A large amount of research work is reported in this domain. A lack of real-time tools working on the basis of these approaches is a gap in this domain. In this work, a web browser that works on machine learning classification to mitigate XSS attacks is developed. This browser classifies webpages into malicious and non-malicious pages using features identified by observation of malicious web pages and features collected from the different authors works. Classification experiments are conducted to evaluate the effectiveness of these features, and it is found that this approach performs better than other proposed methods in terms of classification accuracy, precision, recall, and F1-score. A web browser is implemented with the open-source browser WebKit. Experiments are conducted to assess the overhead created by the added functionality of classification in the web browser. The browser is found effective in classifying web pages and in real-time browsing scenarios with very less generated overhead. This makes web browser better than other proposed solutions to mitigate (XSS) attacks with minimal overhead. This developed web browser will be beneficial not only for researchers working in this domain but also for the users who can be the victims of XSS attacks.



中文翻译:

开发具有嵌入式分类功能的Web浏览器原型,以缓解跨站点脚本攻击

研究人员最近对利用机器学习技术缓解跨站点脚本(XSS)产生了兴趣。在该领域中报道了大量的研究工作。在这些方法的基础上缺乏实时工具,这是该领域的空白。在这项工作中,开发了一种基于机器学习分类的Web浏览器,以减轻XSS攻击。该浏览器使用通过观察恶意网页和从不同作者作品收集的特征来识别网页的功能,将网页分为恶意和非恶意页面。进行分类实验以评估这些功能的有效性,并且发现该方法在分类准确性,准确性,召回率和F1得分方面比其他提出的方法更好。WebKit。进行实验以评估由Web浏览器中添加的分类功能所产生的开销。发现该浏览器可有效地对网页进行分类和在实时浏览情况下,产生的开销非常少。这使Web浏览器比其他提议的解决方案更好,以最小的开销减轻(XSS)攻击。这种开发的Web浏览器不仅对从事该领域的研究人员有益,对于可能成为XSS攻击受害者的用户也将是有益的。

更新日期:2021-01-13
全部期刊列表>>
微生物研究
亚洲大洋洲地球科学
NPJ欢迎投稿
自然科研论文编辑
ERIS期刊投稿
欢迎阅读创刊号
自然职场,为您触达千万科研人才
spring&清华大学出版社
城市可持续发展前沿研究专辑
Springer 纳米技术权威期刊征稿
全球视野覆盖
施普林格·自然新
chemistry
物理学研究前沿热点精选期刊推荐
自然职位线上招聘会
欢迎报名注册2020量子在线大会
化学领域亟待解决的问题
材料学研究精选新
GIANT
ACS ES&T Engineering
ACS ES&T Water
屿渡论文,编辑服务
阿拉丁试剂right
上海中医药大学
浙江大学
西湖大学
化学所
北京大学
清华
隐藏1h前已浏览文章
课题组网站
新版X-MOL期刊搜索和高级搜索功能介绍
ACS材料视界
清华大学-1
武汉大学
浙江大学
天合科研
x-mol收录
试剂库存
down
wechat
bug