By Topic

Mitigating XML Injection 0-Day Attacks through Strategy-Based Detection Systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Thiago Mattos Rosa ; Exxon Mobil Information Technology ; Altair Olivo Santin ; Andreia Malucelli

The underlying technologies used by Web services bring known vulnerabilities to a new environment as well as increased targeting by attackers. The classical approaches--knowledge and signature based, respectively--for attack detection either produce high false positive detection rates or fails to detect attack variations, leading to 0-day attacks. To counter this trend, an ontology can help build a strategy-based knowledge attack database. A novel hybrid attack detection engine brings together the main advantages of knowledge- and signature-based classical approaches. Moreover, it is capable of mitigating 0-day attacks for XML injection, with no false positive detection rates.

Published in:

IEEE Security & Privacy  (Volume:11 ,  Issue: 4 )