IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v11y2019i8p177-d257579.html
   My bibliography  Save this article

RLXSS: Optimizing XSS Detection Model to Defend Against Adversarial Attacks Based on Reinforcement Learning

Author

Listed:
  • Yong Fang

    (College of Cybersecurity, Sichuan University, Chengdu 610065, Sichuan, China)

  • Cheng Huang

    (College of Cybersecurity, Sichuan University, Chengdu 610065, Sichuan, China)

  • Yijia Xu

    (College of Cybersecurity, Sichuan University, Chengdu 610065, Sichuan, China)

  • Yang Li

    (College of Electronics and Information Engineering, Sichuan University, Chengdu 610065, Sichuan, China)

Abstract

With the development of artificial intelligence, machine learning algorithms and deep learning algorithms are widely applied to attack detection models. Adversarial attacks against artificial intelligence models become inevitable problems when there is a lack of research on the cross-site scripting (XSS) attack detection model for defense against attacks. It is extremely important to design a method that can effectively improve the detection model against attack. In this paper, we present a method based on reinforcement learning (called RLXSS), which aims to optimize the XSS detection model to defend against adversarial attacks. First, the adversarial samples of the detection model are mined by the adversarial attack model based on reinforcement learning. Secondly, the detection model and the adversarial model are alternately trained. After each round, the newly-excavated adversarial samples are marked as a malicious sample and are used to retrain the detection model. Experimental results show that the proposed RLXSS model can successfully mine adversarial samples that escape black-box and white-box detection and retain aggressive features. What is more, by alternately training the detection model and the confrontation attack model, the escape rate of the detection model is continuously reduced, which indicates that the model can improve the ability of the detection model to defend against attacks.

Suggested Citation

  • Yong Fang & Cheng Huang & Yijia Xu & Yang Li, 2019. "RLXSS: Optimizing XSS Detection Model to Defend Against Adversarial Attacks Based on Reinforcement Learning," Future Internet, MDPI, vol. 11(8), pages 1-13, August.
    • Handle: RePEc:gam:jftint:v:11:y:2019:i:8:p:177-:d:257579
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/11/8/177/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/11/8/177/
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Yuting Guan & Junjiang He & Tao Li & Hui Zhao & Baoqiang Ma, 2023. "SSQLi: A Black-Box Adversarial Attack Method for SQL Injection Based on Reinforcement Learning," Future Internet, MDPI, vol. 15(4), pages 1-18, March.
    2. Yinfeng Wang & Longxiang Wang & Xiaoshe Dong, 2021. "An Intelligent TCP Congestion Control Method Based on Deep Q Network," Future Internet, MDPI, vol. 13(10), pages 1-14, October.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:11:y:2019:i:8:p:177-:d:257579. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.