Research On Detection Of Cross-site Scripting Attack Based On Deep Learning

With the development of computer network and the rapid popularization of the Internet,the Internet brings convenience to people but the security problems are also followed.As one of the most common attack methods are used by attackers is that cross-site scripting attack makes it more and more difficult to detect and prevent attacks by means such as malicious deformation of XSS attack code.For this reason,the related research of the vulnerability has been a hot topic in the security field.Based on the analysis of the principle of XSS attack and the research on XSS attack detection methods at home and abroad,it is found that the traditional detection methods are more effective for the well-known attacks.But it does not have the same effect on the unknown attacks.The machine learning method can improve the unknown attack detection effect to some extent,but the attack detection effect of malicious deformation is poor.Moreover,the machine learning method needs a lot of manual extraction of features and the detection effect is easily affected by the quality of feature extraction.Aiming at the above shortcomings of cross-site scripting detection methods,a new cross-site scripting detection method based on the Transformer model is proposed,and the model is improved.Then a better cross-site script attack detection method based on Transformer-LSTM model is obtain.The presented model solve the problem of cross-site scripting code easy to avoid malicious deformation detection.It leads to inadequate feature extraction and low detection efficiency.The experimental results show that the proposed Transformer-LSTM model has better detection rate.This paper applies Transformer model to XSS attack detection for the first time and preprocesses the data.At the same time,it decodes XSS script code with decoding technology.The technology can solve the problem that it is difficult to detect malicious XSS attack code.Furthermore,Tokenizer is used to input the decoded code into the Transformer model for training.The Transformer model can automatically learn XSS attack features and solve the deficiencies existing in manual feature extraction.Besides,it also has multiple attention mechanism to learn features more comprehensively.Then the Softmax classifier is used to classify the abstract features which are already mastered and just whether they are XSS script attack statements or not.The accuracy rate of this method reaches 98.9%.According to the research,it is found that Transformer model does not contain cyclic neural network structure and convolutional neural network structure which are deficient in capturing sequence information.In order to get better in captureing the word order position information lost in the Transformer model.The long-short term memory network is used to optimize the Transformer model,in order to obtain a higher detection rate and better performance of the cross-site script attack detection method based on the Transformer-LSTM model.The experimental results show that this method can improve the accuracy by 99.8% and recall rate by 99.5% compared with unimproved Transformer model detection method,traditional machine learning method and mainstream deep learning method.