Recently, attacks against web application, such as SQL injection and cross site scripting, tend to increase. The detection methods against web application attacks such as pattern recognition, parsing and listing methods (web application firewall) have been developed. However, the evasion techniques of web application attacks are developing still now.
In this paper, we proposed a new detection algorithm against cross site scripting attacks by extracting an attack feature of cross site scripting attacks considering the appearance position and frequency of symbols. Our proposed algorithm learns the attack features from given attack samples. We prepared samples for learning and testing, to show the effectiveness of our proposed algorithm. As the result, our proposed detection method was successfully detected 99.5% attack test samples and 97.5% normal test samples.
5th Mosharaka International Conference on Communications, Computers and Applications (MIC-CCA 2012)
Congress
2012 Global Congress on Communications, Computers and Applications (GC-CCA 2012), 12-14 October 2012, Istanbul, Turkey
Pages
69-74
Topics
Security Algorithms and Vulnerability Analysis Network Security and Privacy
ISSN
2227-331X
DOI
BibTeX
@inproceedings{443CCA2012,
title={Cross Site Scripting Attacks Detection Algorithm Based on the Appearance Position of Characters},
author={Takeshi Matsuda, and Daiki Koizumi, and Michio Sonoda},
booktitle={2012 Global Congress on Communications, Computers and Applications (GC-CCA 2012)},
year={2012},
pages={69-74},
doi={}},
organization={Mosharaka for Research and Studies}
}