The Research On Distributed Cross-site Scripting Attack Detection System Based On CNN-LSTM Hybrid Model

Cross-site scripting vulnerabilities is a kind of typical Web security vulnerabilities,after years of research of attack-defense,which has been became the most common Web security domain security vulnerabilities in professional terms.Currently,the defense mechanism for cross-site scripting attacks can be divided into three categories:(1)Server-side code filtering;(2)Client-side filtering;(3)Network intermediate equipment defense.Any defense mechanism involves filtering input and output data,but they have many problems in efficiency,performance,slow response speed,false alarm rate,and false alarm.In this paper,we study the principle of cross site scripting attacks,based on the reference of existing defensive measures,add the deep learning model,distributed data processing technology,container,and container will be distributed technology combined with the depth of deep learning model,designing a hybrid depth learning algorithm model based on convolution neural network and long-term memory neural network for distributing cross-site scripting attack detection.The system users the distributed message queue to buffer the data of the original HTTP traffic through reasonable shunt processing of traffic.We use the container technology to obtain data from distributed message queue to complete preprocessing.Docker based container data processing module,including HTTP traffic URL decoding,Base64 decoding,deformation of attack traffic processing as well as to the quantitative work,which making full use of distributed message queue and container to improve the system performance in the case of guarantee accuracy at the same time.In this paper,the concept of DDL4XSS system is used to detect Cross-site scripting attacks based on distributed Message Queuing,container technology and depth learning model.In the system,the distributed message queue and the container processing technology are used to design the function modularization,which combine the distributed technology with the depth learning model,and make full use of the system resources while improving the detection efficiency.The experimental results show that the hybrid model has an accuracy of 99.79%for Cross script attack detection,0.84%higher than the support machine model and 0.22%higher than the LSTM model,and the model is at least 0.2%lower than support vector machine and LSTM model in terms of false detection rate and missing rate.The implementation of the DDL4XSS system is deployed to the real Internet environment for the detection of Cross-site scripting attacks,through offline and online experiments to verify that the DDL4XSS system implemented by the thesis has high speed and accuracy for the detection of Cross-site scripting attacks.