Detection of cross site scripting attack in wireless networks using n-Gram and SVM

Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS Cross Site Scripting attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM Support Vector Machine is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.

[1]  Daesung Moon,et al.  Recovery of flash memories for reliable mobile storages , 2010, Mob. Inf. Syst..

[2]  Junho Choi,et al.  Efficient Malicious Code Detection Using N-Gram Analysis and SVM , 2011, 2011 14th International Conference on Network-Based Information Systems.

[3]  Giovanni Vigna,et al.  A Learning-Based Approach to the Detection of SQL Attacks , 2005, DIMVA.

[4]  Maya Gokhale,et al.  Language classification using n-grams accelerated by FPGA-based Bloom filters , 2007, HPRCTA.

[5]  Chih-Jen Lin,et al.  LIBSVM: A library for support vector machines , 2011, TIST.

[6]  Muhammad Zubair Shafiq,et al.  Embedded Malware Detection Using Markov n-Grams , 2008, DIMVA.

[7]  Jianping Yin,et al.  Intelligent Detection Computer Viruses Based on Multiple Classifiers , 2007, UIC.

[8]  Carol J. Fung Collaborative Intrusion Detection Networks and Insider Attacks , 2011, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[9]  Fatos Xhafa,et al.  Using mobile devices to support online collaborative learning , 2010 .

[10]  Christopher Krügel,et al.  Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks , 2006, NDSS.

[11]  Jayamsakthi Shanmugam,et al.  Cross Site Scripting-Latest developments and solutions: A survey , 2008 .

[12]  Marcus A. Maloof,et al.  Learning to Detect and Classify Malicious Executables in the Wild , 2006, J. Mach. Learn. Res..

[13]  Ilsun You,et al.  Enhancing SVO Logic for Mobile IPv6 Security Protocols , 2011, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[14]  Francesco Palmieri,et al.  Automatic security assessment for next generation wireless mobile networks , 2011, Mob. Inf. Syst..

[15]  Alessandro Orso,et al.  AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks , 2005, ASE.

[16]  Albert Y. Zomaya,et al.  A Lightweight Security Framework for Wireless Sensor Networks , 2011, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[17]  Bruce W. Weide,et al.  Using parse tree validation to prevent SQL injection attacks , 2005, SEM '05.

[18]  Chin-Ling Chen Design of a secure RFID authentication scheme preceding market transactions , 2011, Mob. Inf. Syst..

[19]  Shahid Ali,et al.  Improved Estimation of Trilateration Distances for Indoor Wireless Intrusion Detection , 2011, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[20]  Dingxing Zhang,et al.  Using Support Vector Machine to Detect Unknown Computer Viruses , 2006 .

[21]  Jae-Chul Park,et al.  SQL Injection Attack Detection: Profiling of Web Application Parameter Using the Sequence Pairwise Alignment , 2006, WISA.

[22]  Shih-Kun Huang,et al.  Web application security assessment by fault injection and behavior monitoring , 2003, WWW '03.

[23]  Zhendong Su,et al.  The essence of command injection attacks in web applications , 2006, POPL '06.

[24]  Salvatore J. Stolfo,et al.  Data mining methods for detection of new malicious executables , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.