Resolving cross-site scripting attacks through genetic algorithm and reinforcement learning
Published in Expert Systems with Applications, 2021
Recommended citation: Iram Tariq, Muddassar Sindhu, Rabeeh Abbasi, Akmal Khattak, Onaiza Maqbool, Ghazanfar Siddiqui, "Resolving cross-site scripting attacks through genetic algorithm and reinforcement learning." Expert Systems with Applications, 2021. http://www.sciencedirect.com/science/article/pii/S0957417420310599
Cross Site Scripting (XSS) is one of the most frequently occurring vulnerability. The impact of XSS can vary from cosmetic to catastrophic damages. However, detection of XSS efficiently is still an open issue. Cross site scripting has been dealt with static and dynamic analysis previously. Both techniques have shortcomings and fail due to frequent variations in XSS payloads. Therefore, in this paper, we have proposed the use of Genetic Algorithm (GA) along with Reinforcement Learning (RL) and threat intelligence to overcome XSS attacks. For validation, the proposed approach is applied on a real dataset of XSS attacks. Results show better performance of our proposed approach when compared to the approaches reported in the literature. In addition to better performance, our method is not only flexible to changes in XSS payloads, but the results are also more understandable to end users. Moreover, our approach shows improvement when the number of attacks is increased.