Research And Implementation Of XSS And DDoS Attack Detection Methods In Web Application

Nowadays,with the rapid development of Web technology,enterprises?individuals and even government departments are inseparable from the application of Web technology.The development of information?automation and intelligence also push web technology to a new height.However,although the application of Web technology makes our daily life more and more convenient,it also causes some unimaginable hidden trouble.DDoS attack and XSS attack are two of the most severe web attacks.Since their emergence,they have become an attack mode that is difficult for Web applications to deal with.The threat will be even greater if the hacker used XSS attack to develop a dummy machine and then used the dummy machine to launch a DDoS attack.Therefore,the detection work is very important.So far,network security researchers continue to promote the detection of the two types of attack,and the development of artificial intelligence also provides a new opportunity for the detection technology.However,the existing detection work still have the following problems:1)the existing open source datasets are outdated and cannot represent the current attack status;2)high requirements for dataset,the detection algorithm can only be effective when there is enough labeled data:3)the detection methods are not comprehensive enough,and are only for a certain attack or a certain situation;4)feature selection is not objective enough.In view of the above problems,this paper proposes detection algorithms for DDoS attack and XSS attack,respectively.The SKM-HFS algorithm is proposed to detect DDoS attacks,and the static analysis and model method is combined to detect XSS attacks.The main contents of this paper are as follows:1)Make full research on DDoS attacks,summarize the development status?categories and characteristics of DDoS attacks,and analyze the current research status of detection technology for DDoS attacks,as well as the existing shortcomings.A hybrid feature selection method based on Hadoop is proposed,and a semi-supervised weighted k-means algorithm——SKM-HFS,is proposed based on the feature selection method,which makes use of limited labeled data to obtain better detection performance.The initial center selection method of clustering is improved,and the outliers and local optimal solutions of k-means algorithm are also solved.A DDoS attack environment is set up to obtain real data,which solved the problem of dataset not keeping up with the times.2)The classification,utilization,detection technology and defense measures of XSS attack are analyzed in detail.This paper introduces the research status and existing problems of XSS detection methods by predecessors,and puts forward a two-layer model which combined static analysis and model method to detect XSS.Moreover,this paper solves the problem of insufficient label data by using semi-supervised learning.3)Design and implement a DDoS attack and XSS attack detection system.This paper introduces the design and implementation of five functional modules:data acquisition,data preprocessing,feature extraction,model training and attack detection.The function and performance of the system are verified and analyzed,and the effectiveness and practicability of the system are verified by the test.