DOI: 10.14569/IJACSA.2025.0160673

Hybrid Detection Framework Using Natural Language Processing (NLP) and Reinforcement Learning (RL) for Cross-Site Scripting (XSS) Attacks

Author 1: Carlo Jude P. Abuda

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 16 Issue 6, 2025.

Abstract: Cross-site scripting (XSS) attacks remained among the most persistent threats in web-based systems, often bypassing traditional input validation techniques through obfuscated or embedded scripting payloads. Existing detection models typically relied on static rules or shallow learning techniques, limiting their ability to adapt to evolving attack vectors. This research addressed that gap by developing a hybrid detection framework that integrated natural language processing (NLP) and reinforcement learning (RL) techniques to classify and interpret malicious web inputs. The study aimed to design, develop, and evaluate a system that transformed raw input strings into structured features, trained a deep neural network (DNN) for binary classification, and simulated agent-based learning through policy-driven feedback. The methodology followed the Design Development Research (DDR) framework. Preprocessing involved lowercasing, lemmatization, stopword removal, and TF-IDF vectorization. The trained DNN achieved high accuracy and demonstrated clear boundary separability through PCA and t-SNE visualizations. In the simulation phase, the RL agent optimized its classification policy using cumulative rewards, Q-value heatmaps, and decision contour projections. Results confirmed the system’s capability to generalize across input variations while maintaining interpretability and precision. This framework provided a scalable solution for web application security and demonstrated the effectiveness of semantically guided and policy-aware models for detecting XSS threats.

Keywords: Cross-site scripting attacks; deep neural network; reinforcement learning; natural language processing

Carlo Jude P. Abuda, “Hybrid Detection Framework Using Natural Language Processing (NLP) and Reinforcement Learning (RL) for Cross-Site Scripting (XSS) Attacks” International Journal of Advanced Computer Science and Applications(IJACSA), 16(6), 2025. http://dx.doi.org/10.14569/IJACSA.2025.0160673

@article{Abuda2025,
title = {Hybrid Detection Framework Using Natural Language Processing (NLP) and Reinforcement Learning (RL) for Cross-Site Scripting (XSS) Attacks},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160673},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160673},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {6},
author = {Carlo Jude P. Abuda}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

IntelliSys 2025

28-29 August 2025

Future Technologies Conference 2025

6-7 November 2025

Healthcare Conference 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

IntelliSys 2026

3-4 September 2026

Computer Vision Conference 2026

15-16 October 2026