Research Article
GAXSS: Effective Payload Generation Method to Detect XSS Vulnerabilities Based on Genetic Algorithm
Table 11
Detection capabilities for different applications.
| | Application | Test points | XSS actually exists | True XSS found | Accuracy | Recall | False Positive | Average time/vul. (s) |
| | DedeCMS | 32 | 4 | 4 | 1.0 | 1.0 | 0 | 54 | | WebGoat | 52 | 6 | 5 | 0.981 | 0.833 | 0 | 46 | | WordPress | 28 | 5 | 4 | 0.964 | 0.8 | 0 | 79 | | EmpireCMS | 30 | 3 | 2 | 0.967 | 0.667 | 0 | 24 | | phpBB | 42 | 1 | 1 | 1.0 | 1.0 | 0 | 36 | | Self-built web | 18 | 8 | 6 | 0.889 | 0.75 | 0 | 72 | | Total | 202 | 27 | 22 | 0.975 | 0.815 | 0 | - |
|
|
