Document-Based and URL-Based Features for Automatic Classification of Cross-Site Scripting in Web Pages
Dynamic websites comprised of objects such as HTML tags, script functions, hyperlinks and advanced features in browsers which provides numerous resources and interactiveness in services currently provided on the Internet. However, these features have also increased security risks and attacks since they allow malicious codes injection or XSS (Cross-Site Scripting). XSS is the greatest threats to web applications in recent years. This paper presents the experimental results obtained on XSS automatic classification in web pages using machine learning techniques. The authors focus on features extracted from web document content and URL. Their results demonstrate that the proposed features lead to highly accurate classification of malicious page.