Issue No.04 - July-Aug. (2013 vol.11)
pp: 46-53
Thiago Mattos Rosa, Exxon Mobil Information Technology
Altair Olivo Santin, Pontifical Catholic University of Parana
Andreia Malucelli, Pontifical Catholic University of Parana
ABSTRACT
The underlying technologies used by Web services bring known vulnerabilities to a new environment as well as increased targeting by attackers. The classical approaches--knowledge and signature based, respectively--for attack detection either produce high false positive detection rates or fail to detect attack variations, leading to 0-day attacks. To counter this trend, an ontology can help build a strategy-based knowledge attack database. A novel hybrid attack detection engine brings together the main advantages of knowledge- and signature-based classical approaches. Moreover, it is capable of mitigating 0-day attacks for XML injection, with no false positive detection rates.
INDEX TERMS
Ontologies, Databases, XML, Intrusion detection, Web services, Security, Computer security, 0-day attack, intrusion detection system, ontology, Web services, XML injection, zero-day
CITATION
Thiago Mattos Rosa, Altair Olivo Santin, Andreia Malucelli, "Mitigating XML Injection 0-Day Attacks through Strategy-Based Detection Systems", IEEE Security & Privacy, vol.11, no. 4, pp. 46-53, July-Aug. 2013, doi:10.1109/MSP.2012.83