Sriwijaya Journal of Informatics and Applications

Rule-Based Signature or also known as Misuse Detection is IDS which rely on matching data captured on retrieval of attack pattern which in system that allow attacks. If the attack activity detected according to existing signature, then it will be read by system and called as attack. The advantage of this Signature-Based IDS is the accuracy of detecting matched attack which in the system with low false-positive result and high true-positive. Cross-Site Scripting is type of attack which is perform by injecting code (usually) JavaScript to a site. XSS is very often utilized by attacker to steal web browser resource such as cookie, credentials, etc. Dataset which used in this research is dataset which created by injecting script into a website. Once obtained the dataset, then feature extraction is performed to separate the attribute which used. XSS attack pattern can be easily recognized from URI, and then detected using engine which has been created. Detection result of algorithm which used is evaluated using confusion matrix to determine detection accuracy value which performed. Obtained accuracy detection of research result reached 99.4% with TPR 98.8% and FPR 0%.

S. Gupta and L. Sharma, “Exploitation of Cross-Site Scripting ( XSS ) Vulnerability on Real World Web Applications and its Defense,” nternational J. Comput. Appl. (0975 – 8887), vol. 60, no. 14, pp. 28–33, 2012.

K. K. Mookhey and N. Burghate, “Detection of SQL Injection and Cross-site Scripting Attacks,” Symantec, pp. 3–7, 2010.

N. Sagita, N. D. Cahyani, and F. A. Yulianto, “Perbandingan Performansi Antara Signature Based dan Anomaly Based Dalam Pendeteksian Intrusi,” 2011.

C. Obimbo, K. Ali, and K. Mohamed, “Using IDS to prevent XSS Attacks,” Int’l Conf. Secur. Manag., pp. 233–239, 2017.

C. M. Frenz and J. P. Yoon, “XSSmon: A Perl based IDS for the detection of potential XSS attacks,” 2012 IEEE Long Isl. Syst. Appl. Technol. Conf. LISAT 2012, pp. 0–3, 2012.

M. R. Zalbina, T. W. Septian, D. Stiawan, M. Y. Idris, A. Heryanto, and R. Budiarto, “Payload recognition and detection of Cross Site Scripting attack,” 2017 2nd Int. Conf. Anti-Cyber Crimes, ICACC 2017, pp. 172–176, 2017.