Mitigating XML Injection 0-Day Attacks through Strategy-Based Detection Systems

The underlying technologies used by Web services bring known vulnerabilities to a new environment, as well as increased targeting by attackers. The classical approaches to attack detection, knowledge-based and signature-based respectively, either produce high false-positive detection rates or fail to detect attack variations, leading to 0-day attacks. To counter this trend, an ontology can help build a strategy-based knowledge attack database. A novel hybrid attack detection engine brings together the main advantages of the classical knowledge-based and signature-based approaches. Moreover, it is capable of mitigating 0-day attacks for XML injection, with no false-positive detections.
