Cross Site Scripting (XSS) Web Attack Detection by Machine Learning

Abstract

In today’s world, Web application security is a major issue for web application developers. There are several reasons behind that but the major cause of this problem is that most of the web developers don’t have the adequate knowledge regarding secure coding. So, taking advantage of that carelessness of the developers, web applications have vulnerabilities and attackers take advantage of that. In this project, we build a firewall which detects the XSS (Cross Site Scripting) vulnerabilities through machine learning and tries to block web attacks preventing web applications from serious troubles. The system makes decisions through a dataset which is provided to the system, we then use machine learning algorithm to classify each web request, whether it is a harmful request or not. There is no need of any headache procedures for the web application’s security department as it is automatically configured and there is no need to define attack signatures. Web application security is very expensive field nowadays, companies use most of their budget in this field. Our system is free for the web application developers and users. Our system detects XSS automatically by classification of input using machine learning techniques. Our proposed features show the results which are a highly accurate classification of malicious inputs.