Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM

Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important informat...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Mobile Information Systems 2012-01, Vol.8 (3), p.275-286
Hauptverfasser: Choi, Jun-Ho, Choi, Chang, Ko, Byeong-Kyu, Kim, Pan-Koo
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 286
container_issue 3
container_start_page 275
container_title Mobile Information Systems
container_volume 8
creator Choi, Jun-Ho
Choi, Chang
Ko, Byeong-Kyu
Kim, Pan-Koo
description Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.
doi_str_mv 10.1155/2012/605495
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1038302389</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1038302389</sourcerecordid><originalsourceid>FETCH-LOGICAL-c233t-4192d902ef3268cd9ce7e509d5af12b717355e0c4d764ce183968b129906382b3</originalsourceid><addsrcrecordid>eNot0FFLwzAQwPEgCs7pk18gj4LUXZKmaR7H1ClMBet0byVLrxLXtTPJEL-9LfPp7uHHwf0JuWRww5iUEw6MTzKQqZZHZMRyJRMNcnXc71KlCTC1OiVnIXwBZCCkGpHXW4xoo-ta2tV05rsQaOEi0sJ6t4uu_aTTGI3dUNfSD-exwV48Y_zp_CbQZRhEm8y92VLTVrR4fzonJ7VpAl78zzFZ3t-9zR6Sxcv8cTZdJJYLEZOUaV5p4FgLnuW20hYVStCVNDXja8WUkBLBppXKUossFzrL14xrDZnI-VqMydXh7s5333sMsdy6YLFpTIvdPpQMRC6Ai1z39PpA7fCgx7rcebc1_rdH5VCuHMqVh3LiD9h3Xls</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1038302389</pqid></control><display><type>article</type><title>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</title><source>EZB-FREE-00999 freely available EZB journals</source><source>Wiley Online Library (Open Access Collection)</source><source>Alma/SFX Local Collection</source><creator>Choi, Jun-Ho ; Choi, Chang ; Ko, Byeong-Kyu ; Kim, Pan-Koo</creator><creatorcontrib>Choi, Jun-Ho ; Choi, Chang ; Ko, Byeong-Kyu ; Kim, Pan-Koo</creatorcontrib><description>Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.</description><identifier>ISSN: 1574-017X</identifier><identifier>EISSN: 1875-905X</identifier><identifier>DOI: 10.1155/2012/605495</identifier><language>eng</language><subject>Classification ; Dictionaries ; Indexing ; Information systems ; Networks ; Query languages ; Scripts ; Support vector machines</subject><ispartof>Mobile Information Systems, 2012-01, Vol.8 (3), p.275-286</ispartof><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c233t-4192d902ef3268cd9ce7e509d5af12b717355e0c4d764ce183968b129906382b3</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Choi, Jun-Ho</creatorcontrib><creatorcontrib>Choi, Chang</creatorcontrib><creatorcontrib>Ko, Byeong-Kyu</creatorcontrib><creatorcontrib>Kim, Pan-Koo</creatorcontrib><title>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</title><title>Mobile Information Systems</title><description>Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.</description><subject>Classification</subject><subject>Dictionaries</subject><subject>Indexing</subject><subject>Information systems</subject><subject>Networks</subject><subject>Query languages</subject><subject>Scripts</subject><subject>Support vector machines</subject><issn>1574-017X</issn><issn>1875-905X</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2012</creationdate><recordtype>article</recordtype><recordid>eNot0FFLwzAQwPEgCs7pk18gj4LUXZKmaR7H1ClMBet0byVLrxLXtTPJEL-9LfPp7uHHwf0JuWRww5iUEw6MTzKQqZZHZMRyJRMNcnXc71KlCTC1OiVnIXwBZCCkGpHXW4xoo-ta2tV05rsQaOEi0sJ6t4uu_aTTGI3dUNfSD-exwV48Y_zp_CbQZRhEm8y92VLTVrR4fzonJ7VpAl78zzFZ3t-9zR6Sxcv8cTZdJJYLEZOUaV5p4FgLnuW20hYVStCVNDXja8WUkBLBppXKUossFzrL14xrDZnI-VqMydXh7s5333sMsdy6YLFpTIvdPpQMRC6Ai1z39PpA7fCgx7rcebc1_rdH5VCuHMqVh3LiD9h3Xls</recordid><startdate>20120101</startdate><enddate>20120101</enddate><creator>Choi, Jun-Ho</creator><creator>Choi, Chang</creator><creator>Ko, Byeong-Kyu</creator><creator>Kim, Pan-Koo</creator><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>20120101</creationdate><title>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</title><author>Choi, Jun-Ho ; Choi, Chang ; Ko, Byeong-Kyu ; Kim, Pan-Koo</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c233t-4192d902ef3268cd9ce7e509d5af12b717355e0c4d764ce183968b129906382b3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2012</creationdate><topic>Classification</topic><topic>Dictionaries</topic><topic>Indexing</topic><topic>Information systems</topic><topic>Networks</topic><topic>Query languages</topic><topic>Scripts</topic><topic>Support vector machines</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Choi, Jun-Ho</creatorcontrib><creatorcontrib>Choi, Chang</creatorcontrib><creatorcontrib>Ko, Byeong-Kyu</creatorcontrib><creatorcontrib>Kim, Pan-Koo</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Mobile Information Systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Choi, Jun-Ho</au><au>Choi, Chang</au><au>Ko, Byeong-Kyu</au><au>Kim, Pan-Koo</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM</atitle><jtitle>Mobile Information Systems</jtitle><date>2012-01-01</date><risdate>2012</risdate><volume>8</volume><issue>3</issue><spage>275</spage><epage>286</epage><pages>275-286</pages><issn>1574-017X</issn><eissn>1875-905X</eissn><abstract>Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.</abstract><doi>10.1155/2012/605495</doi><tpages>12</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1574-017X
ispartof Mobile Information Systems, 2012-01, Vol.8 (3), p.275-286
issn 1574-017X
1875-905X
language eng
recordid cdi_proquest_miscellaneous_1038302389
source EZB-FREE-00999 freely available EZB journals; Wiley Online Library (Open Access Collection); Alma/SFX Local Collection
subjects Classification
Dictionaries
Indexing
Information systems
Networks
Query languages
Scripts
Support vector machines
title Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-24T01%3A00%3A38IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Detection%20of%20Cross%20Site%20Scripting%20Attack%20in%20Wireless%20Networks%20Using%20n-Gram%20and%20SVM&rft.jtitle=Mobile%20Information%20Systems&rft.au=Choi,%20Jun-Ho&rft.date=2012-01-01&rft.volume=8&rft.issue=3&rft.spage=275&rft.epage=286&rft.pages=275-286&rft.issn=1574-017X&rft.eissn=1875-905X&rft_id=info:doi/10.1155/2012/605495&rft_dat=%3Cproquest_cross%3E1038302389%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1038302389&rft_id=info:pmid/&rfr_iscdi=true