Next Article in Journal
A Room Monitoring System Using Deep Learning and Perspective Correction Techniques
Next Article in Special Issue
Cross-Site Scripting Guardian: A Static XSS Detector Based on Data Stream Input-Output Association Mining
Previous Article in Journal
Error Analysis and Calibration Improvement of the Imaging Section in a Mueller Matrix Microscope
Previous Article in Special Issue
Methodology for Forensics Data Reconstruction on Mobile Devices with Android Operating System Applying In-System Programming and Combination Firmware
Article

Providing Email Privacy by Preventing Webmail from Loading Malicious XSS Payloads

College of Cybersecurity, Sichuan University, Chengdu 610065, China
*
Author to whom correspondence should be addressed.
Appl. Sci. 2020, 10(13), 4425; https://doi.org/10.3390/app10134425
Received: 29 May 2020 / Revised: 20 June 2020 / Accepted: 24 June 2020 / Published: 27 June 2020
With the development of internet technology, email has become the formal communication method in modern society. Email often contains a large amount of personal privacy information, possible business agreements, and sensitive attachments, which make emails a good target for hackers. One of the most common attack method used by hackers is email XSS (Cross-site scripting). Through exploiting XSS vulnerabilities, hackers can steal identities, logging into the victim’s mailbox and stealing content directly. Therefore, this paper proposes an email XSS detection model based on deep learning technology, which can identify whether the XSS payload is carried in the email or not. Firstly, the model could extract the Sender, Receiver, Subject, Content, Attachment field information from the original email. Secondly, the email XSS corpus is formed after data processing. The Word2Vec algorithm is introduced to train the corpus and extract features for each email sample. Finally, the model uses the Bidirectional-RNN algorithm and Attention mechanism to train the email XSS detection model. In the experiment, the AUC (area under curve) value of the Bidirectional-RNN model reached 0.9979. When the Attention mechanism was added, the accuracy upper limit of the Bidirectional-RNN model was raised to 0.9936, and the loss value was reduced to 0.03. View Full-Text
Keywords: Webmail; XSS; Word2Vec; deep learning; Attention mechanism Webmail; XSS; Word2Vec; deep learning; Attention mechanism
Show Figures

Figure 1

MDPI and ACS Style

Fang, Y.; Xu, Y.; Jia, P.; Huang, C. Providing Email Privacy by Preventing Webmail from Loading Malicious XSS Payloads. Appl. Sci. 2020, 10, 4425. https://doi.org/10.3390/app10134425

AMA Style

Fang Y, Xu Y, Jia P, Huang C. Providing Email Privacy by Preventing Webmail from Loading Malicious XSS Payloads. Applied Sciences. 2020; 10(13):4425. https://doi.org/10.3390/app10134425

Chicago/Turabian Style

Fang, Yong, Yijia Xu, Peng Jia, and Cheng Huang. 2020. "Providing Email Privacy by Preventing Webmail from Loading Malicious XSS Payloads" Applied Sciences 10, no. 13: 4425. https://doi.org/10.3390/app10134425

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop