{"id":"https://openalex.org/W7113911400","doi":"https://doi.org/10.1109/tdsc.2025.3642307","title":"An XSS Attack Detection Model Based on Two-Stage AST Analysis","display_name":"An XSS Attack Detection Model Based on Two-Stage AST Analysis","publication_year":2025,"publication_date":"2025-12-10","ids":{"openalex":"https://openalex.org/W7113911400","doi":"https://doi.org/10.1109/tdsc.2025.3642307"},"language":null,"primary_location":{"id":"doi:10.1109/tdsc.2025.3642307","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3642307","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Qiuhua Wang","orcid":"https://orcid.org/0000-0002-0017-9026"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Qiuhua Wang","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Chuangchuang Li","orcid":null},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chuangchuang Li","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Lifeng Yuan","orcid":"https://orcid.org/0000-0002-5655-1026"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lifeng Yuan","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Dong Wang","orcid":"https://orcid.org/0000-0001-9246-204X"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dong Wang","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Yeru Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yeru Wang","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Yizhi Ren","orcid":"https://orcid.org/0000-0002-1421-9164"},"institutions":[{"id":"https://openalex.org/I50760025","display_name":"Hangzhou Dianzi University","ror":"https://ror.org/0576gt767","country_code":"CN","type":"education","lineage":["https://openalex.org/I50760025"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yizhi Ren","raw_affiliation_strings":["School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace, Hangzhou Dianzi University, Hangzhou, China","institution_ids":["https://openalex.org/I50760025"]}]},{"author_position":"last","author":{"id":null,"display_name":"Weizhi Meng","orcid":"https://orcid.org/0000-0003-4384-5786"},"institutions":[{"id":"https://openalex.org/I67415387","display_name":"Lancaster University","ror":"https://ror.org/04f2nsd36","country_code":"GB","type":"education","lineage":["https://openalex.org/I67415387"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Weizhi Meng","raw_affiliation_strings":["Department of Computing and Communications, Lancaster University, Lancaster, U.K"],"affiliations":[{"raw_affiliation_string":"Department of Computing and Communications, Lancaster University, Lancaster, U.K","institution_ids":["https://openalex.org/I67415387"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I50760025"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.72890359,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"23","issue":"2","first_page":"4071","last_page":"4084"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9768999814987183,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9768999814987183,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.006300000008195639,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.00419999985024333,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.9563000202178955},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.7924000024795532},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5741999745368958},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5327000021934509},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.49000000953674316},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.45899999141693115},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4034000039100647},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.3792000114917755}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.9563000202178955},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8927000164985657},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.7924000024795532},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5741999745368958},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5327000021934509},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.49000000953674316},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4652999937534332},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.45899999141693115},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4138999879360199},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4034000039100647},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39079999923706055},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.3792000114917755},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.37290000915527344},{"id":"https://openalex.org/C186644900","wikidata":"https://www.wikidata.org/wiki/Q194152","display_name":"Parsing","level":2,"score":0.3447999954223633},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.3314000070095062},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.3310000002384186},{"id":"https://openalex.org/C519991488","wikidata":"https://www.wikidata.org/wiki/Q28865","display_name":"Python (programming language)","level":2,"score":0.3215000033378601},{"id":"https://openalex.org/C137922610","wikidata":"https://www.wikidata.org/wiki/Q2093","display_name":"Document Object Model","level":3,"score":0.32019999623298645},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.31529998779296875},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.2806999981403351},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.2736000120639801},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.27160000801086426},{"id":"https://openalex.org/C113174947","wikidata":"https://www.wikidata.org/wiki/Q2859736","display_name":"Tree (set theory)","level":2,"score":0.26460000872612}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2025.3642307","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3642307","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.8161431550979614,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W2064675550","https://openalex.org/W2752902453","https://openalex.org/W2770225980","https://openalex.org/W2805746269","https://openalex.org/W2936625782","https://openalex.org/W2961730189","https://openalex.org/W2967963259","https://openalex.org/W2969612742","https://openalex.org/W2998778465","https://openalex.org/W3007497615","https://openalex.org/W3094810545","https://openalex.org/W3139259445","https://openalex.org/W3214771494","https://openalex.org/W4220845512","https://openalex.org/W4283515566","https://openalex.org/W4362498919"],"related_works":[],"abstract_inverted_index":{"Cross-site":[0],"scripting":[1],"(XSS)":[2],"attacks":[3,19],"pose":[4],"a":[5,79,254],"significant":[6,268],"threat":[7],"to":[8,49,60,122,161],"web":[9,176],"applications":[10],"and":[11,26,46,93,115,119,127,172,181,193,215,265],"user":[12],"privacy,":[13],"with":[14,187,243],"the":[15,102,110,142,151,155,170,191,196,244],"number":[16],"of":[17,104,112,117,175,195,213,219,257],"such":[18],"rapidly":[20],"increasing.":[21],"Although":[22],"existing":[23,226,236],"machine":[24],"learning":[25],"deep":[27],"learning-based":[28],"XSS":[29,37,67,81,223,233,273],"attack":[30,82],"detection":[31,83,197,237,245,255],"models":[32,40,64,238,264],"are":[33],"effective":[34],"against":[35,51,221,272],"common":[36],"attacks,":[38],"these":[39,63],"all":[41],"overlook":[42],"their":[43],"own":[44],"security":[45,192],"often":[47],"fail":[48],"defend":[50],"adversarial":[52,68,105,128,132,183,232,274],"samples":[53,163],"that":[54,185],"exploit":[55],"model":[56,84,108,179,252],"vulnerabilities,":[57],"allowing":[58],"attackers":[59],"successfully":[61],"bypass":[62],"by":[65,131],"using":[66],"samples.":[69,106,133],"To":[70],"address":[71],"this":[72,75],"challenge,":[73],"in":[74,270],"paper,":[76],"we":[77],"propose":[78],"novel":[80],"based":[85],"on":[86,201],"two-stage":[87,135],"Abstract":[88],"Syntax":[89],"Tree":[90],"(AST)":[91],"analysis":[92,116],"Long":[94],"Short-Term":[95],"Memory":[96],"(LSTM)":[97],"neural":[98,157],"networks,":[99],"effectively":[100,123],"mitigating":[101],"impact":[103],"Our":[107],"leverages":[109],"ability":[111],"AST":[113],"parsing":[114],"HTML":[118,143,171],"JavaScript":[120,139,152,173],"code":[121,140,148],"eliminate":[124],"redundant":[125],"information":[126],"perturbations":[129,184],"introduced":[130],"The":[134],"process":[136],"first":[137],"extracts":[138],"from":[141,150],"AST,":[144],"then":[145],"identifies":[146,180],"malicious":[147,165],"fragments":[149],"AST.":[153],"Finally,":[154],"LSTM":[156],"network":[158],"is":[159],"trained":[160],"classify":[162],"as":[164],"or":[166],"benign.":[167],"By":[168],"analyzing":[169],"components":[174],"pages,":[177],"our":[178,205,251],"eliminates":[182],"interfere":[186],"detection,":[188],"significantly":[189,260],"enhancing":[190],"reliability":[194],"process.":[198],"Extensive":[199],"experiments":[200],"real":[202],"datasets":[203],"demonstrate":[204],"model's":[206],"superior":[207],"performance,":[208],"achieving":[209],"an":[210,216],"accuracy":[211],"rate":[212,246,256],"0.991":[214],"F1":[217],"score":[218],"0.998":[220],"standard":[222],"samples,":[224,234],"outperforming":[225],"models.":[227],"More":[228],"importantly,":[229],"when":[230],"facing":[231],"most":[235],"exhibit":[239],"severe":[240],"robustness":[241],"degradation":[242],"(DR)":[247],"below":[248],"0.880,":[249],"whereas":[250],"maintains":[253],"over":[258],"0.982,":[259],"higher":[261],"than":[262],"state-of-the-art":[263],"demonstrating":[266],"its":[267],"effectiveness":[269],"defending":[271],"attacks.":[275]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-12-11T00:00:00"}