Real-time traffic-based detection of XSS vulnerabilities via bidirectional HTTP traffic analysis

2025, vol.17 , no.4, pp. 69-78

Article [2025-04-07]

Cross-site Scripting (XSS) vulnerabilities continue to compromise web application security due to delayed detection by periodic scans. This paper proposes a novel real-time, traffic-based detection system that inspects HTTP request-response flows to verify exploitability dynamically. Unlike existing solutions that rely on static rules or post-analysis, the introduced proxy-based framework passively tracks and correlates incoming requests with their reflections in outgoing responses, specifically examining executable contexts. Evaluation using established testing suites demonstrates that the system accurately identifies 66% of exploitable XSS vulnerabilities confirmed by dynamic scanners, with no false positives. The results highlight that real-time traffic analysis effectively complements existing tools, providing immediate and actionable vulnerability insights, significantly narrowing the window for attackers and accelerating the defensive response.

xss, traffic analysis, web security, web application firewall

https://doi.org/10.59035/XOOT8612

Download full article

Anas Roubi, Muhalim Mohamed Amin. Real-time traffic-based detection of XSS vulnerabilities via bidirectional HTTP traffic analysis. International Journal on Information Technologies and Security, vol.17 , no.4, 2025, pp. 69-78. https://doi.org/10.59035/XOOT8612