ConvXSS: a deep learning-based smart ICT framework against code injection attacks for HTML5 web applications in sustainable smart city infrastructure

Koundinya Kuppa, Anushka Dayal, Shashank Gupta*, Amit Dua, Pooja Chaudhary, Shailendra Rathore

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

In this paper we propose ConvXSS, a novel deep learning approach for the detection of XSS and code injection attacks, followed by context-based sanitization of the malicious code if the model detects any malicious code in the application. Firstly, we briefly discuss XSS and code injection attacks that might pose threat to sustainable smart cities. Along with this, we discuss various approaches proposed previously for the detection and alleviation of these attacks followed by their respective limitations. Then we propose our deep learning model adopting whose novelty is based on the approach followed for Data Pre-Processing. Then we finally propose Context-based Sanitization to replace the malicious part of the code with sanitized code. Numerical experiments conducted on various datasets have shown various results out of which the best model has an accuracy of 99.42%, a precision of 99.81% and a recall of 99.35%. When compared with other state of the art techniques in this domain, our approach shows at par or in the best case, better results in terms of detection speed and accuracy of CSS attacks.
Original languageEnglish
Article number103765
Number of pages19
JournalSustainable Cities and Society
Volume80
Early online date23 Feb 2022
DOIs
Publication statusPublished - 1 May 2022

Keywords

  • Sustainable smart cities
  • Security
  • Privacy
  • ICT
  • CPS
  • Web security
  • Deep learning
  • Data preprocessing
  • Training and testing
  • Neural Networks
  • Sanitization
  • CNN
  • XSS attack
  • Malicious code
  • Code injection attack

Cite this