Barde, Shreyas Sudhir (2020) Cross Site Scripting detection using Random Forest Bagging and Dataset Ensemble Modelling. Masters thesis, Dublin, National College of Ireland.
Preview |
PDF (Master of Science)
Download (857kB) | Preview |
Preview |
PDF (Configuration manual)
Download (598kB) | Preview |
Abstract
Cross-site scripting known as XSS attack is a type of the most vulnerable and critical attack on web apps. Conventional strategies of detection of XSS are basically focused on the vulnerability of apps only, which are depending on the static and dynamic analysis. These methods seem frail in protecting applications from the wave of different sorts of payload attacks. In this study, the cross-site scripting detection methodology is introduced which is based on a dataset ensemble learning technic that utilizes different XSS datasets. This study has included ensembled dataset of real-world payloads which helps to accurate detection of real-time attacks. Along with that, this study is proposed a novel approach of the feature extractions from the malicious scripts, which leads to the exact detection of XSS attacks on the system. The outcomes of this study are reasonable and explainable. To reverify the results of the proposed approach, Parallel to the Random Forest model, Various other models have been tested on an ensembled realworld dataset of the XSS payloads. From the result of the proposed strategy, the accuracy and efficiency of this model can be clearly observed. Particularly when the attacking input is based on real-time payloads, this method and model detects any malicious script most accurately. Moreover, the use of a bagging algorithm improves the stability, accuracy, and reduces variance. It also helps to avoid overfitting of the model used for research. The accuracy has been observed with this model is 97.16% and the training time is 0.28 seconds.
Item Type: | Thesis (Masters) |
---|---|
Subjects: | Q Science > QA Mathematics > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science Q Science > QA Mathematics > Computer software > Computer Security T Technology > T Technology (General) > Information Technology > Computer software > Computer Security |
Divisions: | School of Computing > Master of Science in Cyber Security |
Depositing User: | Dan English |
Date Deposited: | 26 Jan 2021 14:20 |
Last Modified: | 26 Jan 2021 14:20 |
URI: | https://norma.ncirl.ie/id/eprint/4486 |
Actions (login required)
View Item |