A Vulnerability Detection Method for Internet Cross-Site Scripting Based on Relationship Diagram Convolutional Networks

IF 0.7 4区计算机科学 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Journal of Web Engineering Pub Date : 2025-03-01 DOI:10.13052/jwe1540-9589.2424

Zhida Guo;Xiaoli Li;Ran Hu;Dapeng Wang;Weijie Song

{"title":"A Vulnerability Detection Method for Internet Cross-Site Scripting Based on Relationship Diagram Convolutional Networks","authors":"Zhida Guo;Xiaoli Li;Ran Hu;Dapeng Wang;Weijie Song","doi":"10.13052/jwe1540-9589.2424","DOIUrl":null,"url":null,"abstract":"The aim of this research is to quickly detect cross-site scripting (XSS) attacks on the internet based on relationship diagram convolutional networks. Based on the principle and attack process of cross-site scripting attacks, domain knowledge is used to build an XSS ontology to conduct high-level modeling of cross-site scripting attacks, obtain data that can reflect XSS attacks, normalize these attack data, extract attack data word vectors, use them as the input of the relationship diagram convolution networks added to the attention mechanism, and learn attack feature word vectors. After further extracting node characteristics through convolution and pooling, all node characteristics are aggregated and fed into the fully connected neural network. XSS vulnerability detection results are obtained through classification of the activation function, and malicious domain name and malicious IP information are combined as supplementary rules to improve the effectiveness of the vulnerability detection in internet cross-site scripting based on the relationship graph convolution network. Experiments show that this method can accurately detect XSS vulnerabilities, provide comprehensive and accurate attack details, and its performance is better than that of the literature method, which is reflected in the higher accuracy, recall, accuracy and F1 value, and the leading area of the ROC curve. Its detection speed is extremely fast, only 0.03 s, and by combining malicious domain name and IP information, the detection efficiency is further improved, realizing rapid response and effectively maintaining Internet security.","PeriodicalId":49952,"journal":{"name":"Journal of Web Engineering","volume":"24 2","pages":"243-266"},"PeriodicalIF":0.7000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10980126","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Web Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10980126/","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

The aim of this research is to quickly detect cross-site scripting (XSS) attacks on the internet based on relationship diagram convolutional networks. Based on the principle and attack process of cross-site scripting attacks, domain knowledge is used to build an XSS ontology to conduct high-level modeling of cross-site scripting attacks, obtain data that can reflect XSS attacks, normalize these attack data, extract attack data word vectors, use them as the input of the relationship diagram convolution networks added to the attention mechanism, and learn attack feature word vectors. After further extracting node characteristics through convolution and pooling, all node characteristics are aggregated and fed into the fully connected neural network. XSS vulnerability detection results are obtained through classification of the activation function, and malicious domain name and malicious IP information are combined as supplementary rules to improve the effectiveness of the vulnerability detection in internet cross-site scripting based on the relationship graph convolution network. Experiments show that this method can accurately detect XSS vulnerabilities, provide comprehensive and accurate attack details, and its performance is better than that of the literature method, which is reflected in the higher accuracy, recall, accuracy and F1 value, and the leading area of the ROC curve. Its detection speed is extremely fast, only 0.03 s, and by combining malicious domain name and IP information, the detection efficiency is further improved, realizing rapid response and effectively maintaining Internet security.

查看原文本刊更多论文

基于关系图卷积网络的跨站脚本漏洞检测方法

本研究的目的是基于关系图卷积网络快速检测互联网上的跨站脚本攻击。根据跨站脚本攻击的原理和攻击过程，利用领域知识构建跨站脚本攻击本体，对跨站脚本攻击进行高层建模，获取能够反映跨站脚本攻击的数据，对这些攻击数据进行规范化，提取攻击数据词向量，作为加入注意机制的关系图卷积网络的输入，学习攻击特征词向量。通过卷积和池化进一步提取节点特征后，将所有节点特征聚合馈送到全连接神经网络中。通过对激活函数进行分类得到XSS漏洞检测结果，并结合恶意域名和恶意IP信息作为补充规则，提高基于关系图卷积网络的互联网跨站脚本漏洞检测的有效性。实验表明，该方法能够准确检测XSS漏洞，提供全面准确的攻击细节，性能优于文献方法，体现在准确率、查全率、准确率和F1值更高，且ROC曲线的领先面积更大。其检测速度极快，仅为0.03 s，并通过将恶意域名与IP信息相结合，进一步提高了检测效率，实现了快速响应，有效维护了互联网安全。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Web Engineering 工程技术-计算机：理论方法

CiteScore

1.80

自引率

12.50%

发文量

审稿时长

9 months

期刊介绍： The World Wide Web and its associated technologies have become a major implementation and delivery platform for a large variety of applications, ranging from simple institutional information Web sites to sophisticated supply-chain management systems, financial applications, e-government, distance learning, and entertainment, among others. Such applications, in addition to their intrinsic functionality, also exhibit the more complex behavior of distributed applications.