Arabo, AbdullahiAlmutairi, Taher2023-11-022023-11-022023UWE harvard stylehttps://hdl.handle.net/20.500.14154/69559One of the most significant vulnerabilities that web applications face is Cross- Site Scripting (XSS) attacks. Therefore, our study aimed to compare three distinct machine learning techniques that detect these attacks. These techniques included a hybrid model that combines feature selection information gain (IG), correlation coefficient (CC) and dimensionality reduction principal component analysis (PCA). The evaluation of these models utilized performance metrics such as accuracy, precision, recall, F1 score, area under the curve of the receiver operating characteristic curve (ROC AUC score), training time and prediction time. Ultimately, the hybrid SVM(IG+CC+PCA) model proved to be the most efficient and accurate. This information is important for anyone involved in web application development, as it highlights the effectiveness of machine learning in identifying and mitigating XSS attacks.15enCross-Site Scripting (XSS)Machine learningFeature selectionDimensionality reductionHybrid SVM modelWeb application security.Thesis