Research And Implementation Of Multidimensional Detection Model For Cross Site Scripting

Cross-site scripting attacks are very harmful in today's Internet Security problems,Nowadays,the deep detection of cross-site script attacks is mostly based on background parsing and analysis of memory and log changes caused by web page behavior under virtual machine to detect cross-site scripting attacks,and the detection method is no longer highly targeted.now,we focus on this hot topic,and implement an efficient multi-dimensional detection model.This paper proposes a multi-dimensional detection model,which brings new changes to the detection of cross-site scripting attacks.Through the three dimensions of abstract syntax tree,differential DOM algorithm and XGboost classification model to detect the attacks.this paper uses node to start parsing Java Script script business using abstract syntax tree.Faced with complex and confusing Java Script code,this paper will introduce the target code segment.After lexical analysis and parsing,the files are stored in JSON format,and then their features are extracted.For cross-site script attacks based on DOM,the DOM tree strategy in HTML files is analyzed by using the optimized difference algorithm.The static HTML files before and after cross-site scripting attacks are parsed by DOM tree,and the difference of optimization in this paper is utilized.Different algorithms are compared to get target features.Centrally deal with 14 features according to the characteristics of cross-site network attacks on the Web-side,combined with machine learning model XGboost classification model,through iteration to generate decision tree,and through adjusting parameters to meet the requirements of the optimal model,a multi-dimensional cross-site scripting attack detection model is constructed by combining the above three dimensions of detection methods.After the optimization test of the algorithm and the accuracy test of the model,Verification of the efficiency and high accuracy of the model.The multi-dimensional detection model of cross-site scripting attack proposed in this paper,facing the complexity of cross-site scripting attack,develops targeted solutions and formulates multi-dimensional detection strategy.It is believed that after the follow-up study,it can achieve similar accuracy and application practice with commercial detection software.