XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding
Cross-site scripting attacks represent one of the major security threats facing web applications, with Stored XSS attacks becoming the predominant form. Compared to reflected XSS, stored XSS attack payloads exhibit temporal and spatial asynchrony between injection and execution, rendering traditiona...
Saved in:
| Main Authors: | Yuan Zhou, Enze Wang, Wantong Yang, Wenlin Ge, Siyi Yang, Yibo Zhang, Wei Qu, Wei Xie |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | MDPI AG, 2025-03-01 |
| Series: | Applied Sciences |
| Subjects: | stored XSS; LLM; prompt learning |
| Online Access: | https://www.mdpi.com/2076-3417/15/6/3348 |
| _version_ | 1849343335027703808 |
|---|---|
| author | Yuan Zhou; Enze Wang; Wantong Yang; Wenlin Ge; Siyi Yang; Yibo Zhang; Wei Qu; Wei Xie |
| author_facet | Yuan Zhou; Enze Wang; Wantong Yang; Wenlin Ge; Siyi Yang; Yibo Zhang; Wei Qu; Wei Xie |
| author_sort | Yuan Zhou |
| collection | DOAJ |
| description | Cross-site scripting attacks represent one of the major security threats facing web applications, with Stored XSS attacks becoming the predominant form. Compared to reflected XSS, stored XSS attack payloads exhibit temporal and spatial asynchrony between injection and execution, rendering traditional browser-side defenses based on request–response differential analysis ineffective. This paper presents XSShield, the first detection framework that leverages a Large Language Model to understand JavaScript semantics to defend against Stored XSS attacks. Through a Prompt Optimizer based on gradient descent and UCB-R selection algorithms, and a Data Adaptor based on program dependence graphs, the framework achieves real-time and fine-grained code processing. Experimental evaluation shows that XSShield achieves 93% accuracy and an F1 score of 0.9266 on the GPT-4 model, improving accuracy by an average of 88.8% compared to existing solutions. The processing time, excluding model communication overhead, averages only 0.205 s, demonstrating practical deployability without significantly impacting user experience. |
| format | Article |
| id | doaj-art-b3d25fb3e308417fb2a5d8f375c2e2af |
| institution | Kabale University |
| issn | 2076-3417 |
| language | English |
| publishDate | 2025-03-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj-art-b3d25fb3e308417fb2a5d8f375c2e2af; 2025-08-20T03:43:01Z; eng; MDPI AG; Applied Sciences; ISSN 2076-3417; 2025-03-01; vol. 15, issue 6, article 3348; DOI 10.3390/app15063348; XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding; Yuan Zhou, Enze Wang, Wantong Yang, Wenlin Ge, Siyi Yang, Yibo Zhang, Wei Qu, Wei Xie (all affiliated with the College of Computer Science and Technology, National University of Defense Technology, No.137 Yanwachi Street, Changsha 410073, China); abstract as given in the description field; https://www.mdpi.com/2076-3417/15/6/3348; stored XSS; LLM; prompt learning |
| spellingShingle | Yuan Zhou; Enze Wang; Wantong Yang; Wenlin Ge; Siyi Yang; Yibo Zhang; Wei Qu; Wei Xie; XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding; Applied Sciences; stored XSS; LLM; prompt learning |
| title | XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding |
| title_full | XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding |
| title_fullStr | XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding |
| title_full_unstemmed | XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding |
| title_short | XSShield: Defending Against Stored XSS Attacks Using LLM-Based Semantic Understanding |
| title_sort | xsshield defending against stored xss attacks using llm based semantic understanding |
| topic | stored XSS; LLM; prompt learning |
| url | https://www.mdpi.com/2076-3417/15/6/3348 |
| work_keys_str_mv | AT yuanzhou xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT enzewang xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT wantongyang xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT wenlinge xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT siyiyang xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT yibozhang xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT weiqu xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding AT weixie xsshielddefendingagainststoredxssattacksusingllmbasedsemanticunderstanding |