DOI: 10.14704/nq.2022.20.8.NQ44952

Detecting XSS Attack Using Principal Component Analysis And Naive Bayesian Techniques

Nagham kamil albusalih, Rana jumaa aljanabi

Abstract

Web applications are now beneficial and powerful and are used in many industries, including finance, ecommerce, healthcare, and more. As a result, they must be effectively protected.Web applications can have flaws that hackers can employ to obtain user credentials. The Cross Site Scripting (XSS) attack is a severe vulnerability that compromises the security of web applications. An XSS threat is when an attacker injects malicious script code into a web application from the client side, through the user's browser, or from the server side, through the database. This malicious script is made of JavaScript code and is injected into the web application's untrusted input data. In this study, an intrusion detection system is used to detect XSS attacks. Unnecessary information was reduced from the original high-dimensionaldata by using Principal Component Analysis (PCA).Then naïve Bayesian (NB) classifier was used to check if these samples are normal or abnormal network connections. the proposed approach was tested using the CICIDS2017 dataset. Results of the experiments show that using (20) extracted features from PCA with NB classifier gains higher accuracy (0.968) than the accuracy of using all features with NB, which was (0.908) for cross-site scripting (XSS) attack detection.

Keywords

intrusion detection systems, Principal Component Analysis, CICIDS2017 dataset,cross-site scripting attack, naïve Bayesian

Full Text

References