XSS_GraphAttention: A Graph Attention Network Approach for Enhanced Detection of Cross-Site Scripting Attacks

Publication year: 1403
Document type: Conference paper
Language: English
Views: 113

The file of this paper is available for download as a 6-page PDF

National scientific document ID:

AISOFT02_051

Indexing date: 17 Farvardin 1404

Abstract:

Cross-Site Scripting (XSS) attacks continue to be among the most critical and damaging cyber threats, as highlighted by the OWASP Top 10 report, despite extensive efforts by security experts to detect and mitigate them. Attackers exploit XSS vulnerabilities to steal sensitive user information, alter website content deceptively, and execute browser-based exploits. Therefore, effective detection of XSS attacks is essential to prevent financial and personal harm to both users and organizations. XSS detection techniques can be broadly categorized into signature-based and behavior-based approaches. While signature-based methods are effective only against known attacks, behavior-based methods can also identify unknown attacks, making them more crucial given the diversity of XSS techniques. Machine Learning and Neural Network methods are commonly used in behavior-based detection. The rich information structure provided by graphs, when combined with these methods, makes them highly effective in detecting attacks. This paper presents XSS_GraphAttention, a model based on Graph Neural Networks (GNNs) that leverages a Graph Attention Network (GAT) to detect malicious XSS scripts embedded in user-submitted content. Our model operates as a server-side prevention mechanism comprising three primary phases. The first phase involves input preprocessing, which standardizes user inputs to ensure consistent analysis. In the second phase, a graph is constructed from the preprocessed data to capture structural relationships. Lastly, the GAT-based graph neural network is trained on this graph, optimizing its capability to identify potential threats effectively. Experimental results indicate that XSS_GraphAttention effectively detects a wide range of XSS attacks, achieving an accuracy of 99.26, thereby demonstrating its potential as a real-world solution.

Authors

Melika Zare

Computer Science and Engineering Department, Shiraz University, Shiraz, Iran

Javad Moradi

Computer Science and Engineering Department, Shiraz University, Shiraz, Iran

Sattar Hashemi

Computer Science and Engineering Department, Shiraz University, Shiraz, Iran