<![CDATA[Cross-Site Scripting (XSS) remains one of the most pervasive and persistent vulnerabilities in modern web applications, allowing attackers to inject and execute malicious scripts through user input fields. Conventional detection mechanisms based on static rules, blacklists, or handcrafted features often fail to recognize obfuscated or context-aware payloads, leading to severe gaps in real-time protection. This study proposes a hybrid deep learning architecture combining Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) to overcome these limitations by simultaneously capturing spatial patterns and sequential dependencies in character-level input. The model was trained and validated using both public XSS datasets and sanitized internal web logs to ensure robustness across diverse payload structures. Experimental results demonstrate high classification performance, achieving 98.67% accuracy, 98.21% precision, 99.29% recall, and an ROC-AUC of 0.9990. The hybrid CNN-LSTM architecture’s novel integration of local feature extraction and temporal context modeling enables superior generalization compared to conventional CNN or LSTM-only approaches. Beyond quantitative metrics, the model was deployed in a Flask-based web simulation to assess its real-world applicability, where it successfully detected and mitigated live XSS payloads in real time without disrupting benign user operations. These findings highlight the potential of hybrid deep learning models as adaptive, low-latency defenses for strengthening modern web application security infrastructures.]]>
Copyrights © 2026
