Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM
Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important informat...
Gespeichert in:
Veröffentlicht in: | Mobile Information Systems 2012-01, Vol.8 (3), p.275-286 |
---|---|
Hauptverfasser: | , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
container_end_page | 286 |
---|---|
container_issue | 3 |
container_start_page | 275 |
container_title | Mobile Information Systems |
container_volume | 8 |
creator | Choi, Jun-Ho Choi, Chang Ko, Byeong-Kyu Kim, Pan-Koo |
description | Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall. |
doi_str_mv | 10.1155/2012/605495 |
format | Article |
fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1038302389</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1038302389</sourcerecordid><originalsourceid>FETCH-LOGICAL-c233t-4192d902ef3268cd9ce7e509d5af12b717355e0c4d764ce183968b129906382b3</originalsourceid><addsrcrecordid>eNot0FFLwzAQwPEgCs7pk18gj4LUXZKmaR7H1ClMBet0byVLrxLXtTPJEL-9LfPp7uHHwf0JuWRww5iUEw6MTzKQqZZHZMRyJRMNcnXc71KlCTC1OiVnIXwBZCCkGpHXW4xoo-ta2tV05rsQaOEi0sJ6t4uu_aTTGI3dUNfSD-exwV48Y_zp_CbQZRhEm8y92VLTVrR4fzonJ7VpAl78zzFZ3t-9zR6Sxcv8cTZdJJYLEZOUaV5p4FgLnuW20hYVStCVNDXja8WUkBLBppXKUossFzrL14xrDZnI-VqMydXh7s5333sMsdy6YLFpTIvdPpQMRC6Ai1z39PpA7fCgx7rcebc1_rdH5VCuHMqVh3LiD9h3Xls</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1038302389</pqid></control><display><type>article</type><title>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</title><source>EZB-FREE-00999 freely available EZB journals</source><source>Wiley Online Library (Open Access Collection)</source><source>Alma/SFX Local Collection</source><creator>Choi, Jun-Ho ; Choi, Chang ; Ko, Byeong-Kyu ; Kim, Pan-Koo</creator><creatorcontrib>Choi, Jun-Ho ; Choi, Chang ; Ko, Byeong-Kyu ; Kim, Pan-Koo</creatorcontrib><description>Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.</description><identifier>ISSN: 1574-017X</identifier><identifier>EISSN: 1875-905X</identifier><identifier>DOI: 10.1155/2012/605495</identifier><language>eng</language><subject>Classification ; Dictionaries ; Indexing ; Information systems ; Networks ; Query languages ; Scripts ; Support vector machines</subject><ispartof>Mobile Information Systems, 2012-01, Vol.8 (3), p.275-286</ispartof><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c233t-4192d902ef3268cd9ce7e509d5af12b717355e0c4d764ce183968b129906382b3</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Choi, Jun-Ho</creatorcontrib><creatorcontrib>Choi, Chang</creatorcontrib><creatorcontrib>Ko, Byeong-Kyu</creatorcontrib><creatorcontrib>Kim, Pan-Koo</creatorcontrib><title>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</title><title>Mobile Information Systems</title><description>Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.</description><subject>Classification</subject><subject>Dictionaries</subject><subject>Indexing</subject><subject>Information systems</subject><subject>Networks</subject><subject>Query languages</subject><subject>Scripts</subject><subject>Support vector machines</subject><issn>1574-017X</issn><issn>1875-905X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2012</creationdate><recordtype>article</recordtype><recordid>eNot0FFLwzAQwPEgCs7pk18gj4LUXZKmaR7H1ClMBet0byVLrxLXtTPJEL-9LfPp7uHHwf0JuWRww5iUEw6MTzKQqZZHZMRyJRMNcnXc71KlCTC1OiVnIXwBZCCkGpHXW4xoo-ta2tV05rsQaOEi0sJ6t4uu_aTTGI3dUNfSD-exwV48Y_zp_CbQZRhEm8y92VLTVrR4fzonJ7VpAl78zzFZ3t-9zR6Sxcv8cTZdJJYLEZOUaV5p4FgLnuW20hYVStCVNDXja8WUkBLBppXKUossFzrL14xrDZnI-VqMydXh7s5333sMsdy6YLFpTIvdPpQMRC6Ai1z39PpA7fCgx7rcebc1_rdH5VCuHMqVh3LiD9h3Xls</recordid><startdate>20120101</startdate><enddate>20120101</enddate><creator>Choi, Jun-Ho</creator><creator>Choi, Chang</creator><creator>Ko, Byeong-Kyu</creator><creator>Kim, Pan-Koo</creator><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>20120101</creationdate><title>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</title><author>Choi, Jun-Ho ; Choi, Chang ; Ko, Byeong-Kyu ; Kim, Pan-Koo</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c233t-4192d902ef3268cd9ce7e509d5af12b717355e0c4d764ce183968b129906382b3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2012</creationdate><topic>Classification</topic><topic>Dictionaries</topic><topic>Indexing</topic><topic>Information systems</topic><topic>Networks</topic><topic>Query languages</topic><topic>Scripts</topic><topic>Support vector machines</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Choi, Jun-Ho</creatorcontrib><creatorcontrib>Choi, Chang</creatorcontrib><creatorcontrib>Ko, Byeong-Kyu</creatorcontrib><creatorcontrib>Kim, Pan-Koo</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Mobile Information Systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Choi, Jun-Ho</au><au>Choi, Chang</au><au>Ko, Byeong-Kyu</au><au>Kim, Pan-Koo</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</atitle><jtitle>Mobile Information Systems</jtitle><date>2012-01-01</date><risdate>2012</risdate><volume>8</volume><issue>3</issue><spage>275</spage><epage>286</epage><pages>275-286</pages><issn>1574-017X</issn><eissn>1875-905X</eissn><abstract>Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.</abstract><doi>10.1155/2012/605495</doi><tpages>12</tpages><oa>free_for_read</oa></addata></record> |
fulltext | fulltext |
identifier | ISSN: 1574-017X |
ispartof | Mobile Information Systems, 2012-01, Vol.8 (3), p.275-286 |
issn | 1574-017X 1875-905X |
language | eng |
recordid | cdi_proquest_miscellaneous_1038302389 |
source | EZB-FREE-00999 freely available EZB journals; Wiley Online Library (Open Access Collection); Alma/SFX Local Collection |
subjects | Classification Dictionaries Indexing Information systems Networks Query languages Scripts Support vector machines |
title | Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-24T01%3A00%3A38IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Detection%20of%20Cross%20Site%20Scripting%20Attack%20in%20Wireless%20Networks%20Using%20n-Gram%20and%20SVM&rft.jtitle=Mobile%20Information%20Systems&rft.au=Choi,%20Jun-Ho&rft.date=2012-01-01&rft.volume=8&rft.issue=3&rft.spage=275&rft.epage=286&rft.pages=275-286&rft.issn=1574-017X&rft.eissn=1875-905X&rft_id=info:doi/10.1155/2012/605495&rft_dat=%3Cproquest_cross%3E1038302389%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1038302389&rft_id=info:pmid/&rfr_iscdi=true |