Federated Learning for XSS Detection: Analysing OOD, Non-IID Challenges, and Embedding Sensitivity
preprint
OA: closed
Abstract
This paper investigates federated learning (FL) as a practical approach to improving Cross-Site Scripting (XSS) detection under realistic out-of-distribution (OOD) conditions. Real-world XSS scenarios often involve fragmented attack patterns, heterogeneous non-malicious inputs, and data imbalance across clients, challenges that undermine generalisation in conventional detection systems. To simulate such deployment variability, we construct a federated setup with two structurally divergent datasets: one featuring fragmented and obfuscated XSS payloads with diverse negative samples, the other comprising syntactically regular, narrowly defined examples. This design introduces dual-sided structural OOD, with variation in both attack semantics and benign sample composition. We evaluate three embedding models (GloVe, GraphCodeBERT, and CodeT5) under centralised and federated training, analysing model behaviour across token-level divergence, embedding drift, and inter-client performance gaps. Results show that FL significantly improves model robustness under OOD settings by diffusing reliable decision boundaries from structurally clean clients to noisier participants. While transformer-based models achieve stronger overall performance, static embeddings like GloVe demonstrate greater resilience to negative-class variability. These findings highlight both the limitation and value of structure-sensitive embedding in federated XSS detection, and demonstrate the viability of FL under distributionally mismatched, privacy-constrained conditions.
My notes (saved in your browser only)
Citation neighborhood (no data yet)
We don't have any in-corpus citations linked to this paper yet. This is a recent paper (2025) — citers typically take a year or two to land, and the OpenAlex reference graph may still be filling in.
Source provenance
- europepmc
- last seen: 2026-05-20T01:45:00.602351+00:00