Research And Implementation Of XSS Detection Technology Based On Deep Learning

Internet technology provides us with great convenience,but also makes people in the "vortex" of network security risks.Because of its complexity,large number and serious harm,XSS has been listed as one of the top ten web security vulnerabilities by OWASP for many times,and its threat level has always been in the forefront.The existing XSS detection technology still needs to be optimized:manual feature extraction is time-consuming and over dependent on domain knowledge;the existing confusion technology and complex code logic make the identification of XSS attacks decline;the ability to capture unknown attacks needs to be improved.In view of the above problems,this thesis mainly does the following work:A character level bidirectional long-term and short-term memory network model based on multi-attention mechanism is proposed.The structural characteristics of the supervised model are:starting from the text sequence,the current features are associated with the prior text and the subsequent text through the bidirectional long-term and short-term memory network;the multi attention mechanism is used to obtain more features from different feature subspaces,so as to better learn the text semantics.The experimental results show that the model is effective for XSS detection.The F1 score of the new model can reach 98.71%.An unsupervised anomaly detection model based on the autoencoder framework is proposed.The model uses the automatic encoder which can carry out deep feature learning to process text semantic features,so as to achieve the effect of feature de-noising and highlighting important features,and combines with classifiers to make the final decision,so as to realize the judgment of unknown attack in the case of sparse black sample training set.The experimental results show that the model has a good detection effect on abnormal data.The accuracy of the new model can reach 99.39%.A XSS hybrid detection system is designed.The system combines the advantages of supervised classification detection model and unsupervised anomaly detection model,and improves the detection ability of the system against unknown XSS attacks.