XSSClassifier: An Efficient XSS Attack Detection Approach Based on Machine Learning Classifier on SNSs

Social networking services (SNSs) such as Twitter, MySpace, and Facebook have become progressivelysignificant with its billions of users. Still, alongside this increase is an increase in security threats such as crosssitescripting (XSS) threat. Recently, a few approaches have been proposed to detect an XSS attack on SNSs. Due to the certain recent features of SNSs webpages such as JavaScript and AJAX, however, the existingapproaches are not efficient in combating XSS attack on SNSs. In this paper, we propose a machine learningbasedapproach to detecting XSS attack on SNSs. In our approach, the detection of XSS attack is performedbased on three features: URLs, webpage, and SNSs. A dataset is prepared by collecting 1,000 SNSs webpagesand extracting the features from these webpages. Ten different machine learning classifiers are used on aprepared dataset to classify webpages into two categories: XSS or non-XSS. To validate the efficiency of theproposed approach, we evaluated and compared it with other existing approaches. The evaluation resultsshow that our approach attains better performance in the SNS environment, recording the highest accuracy of0.972 and lowest false positive rate of 0.87. KCI Citation Count: 3