XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding
Cross-site scripting attacks represent one of the major security threats facing web applications, with Stored XSS attacks becoming the predominant form. Compared to reflected XSS, stored XSS attack payloads exhibit temporal and spatial asynchrony between injection and execution, rendering traditiona...
Saved in:
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-03-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/15/6/3348 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Cross-site scripting attacks represent one of the major security threats facing web applications, with Stored XSS attacks becoming the predominant form. Compared to reflected XSS, stored XSS attack payloads exhibit temporal and spatial asynchrony between injection and execution, rendering traditional browserside defenses based on request–response differential analysis ineffective. This paper presents XSShield, the first detection framework that leverages a Large Language Model to understand JavaScript semantics to defend against Stored XSS attacks. Through a Prompt Optimizer based on gradient descent and UCB-R selection algorithms, and a Data Adaptor based on program dependence graphs, the framework achieves real-time and fine-grained code processing. Experimental evaluation shows that XSShield achieves 93% accuracy and an F1 score of 0.9266 on the GPT-4 model, improving accuracy by an average of 88.8% compared to existing solutions. The processing time, excluding model communication overhead, averages only 0.205 s, demonstrating practical deployability without significantly impacting user experience. |
|---|---|
| ISSN: | 2076-3417 |