Abstract
The Code Injection Attack (CIA) exploits a security vulnerability or computer bug that is caused by processing invalid data, CIA is a serious attack problem that attackers try to introduce any new methodologies to bypass the defense system. In this paper, we introduce a novel detection algorithm for detection of code injection attack. Our empirical performance shows that the proposed algorithm give better results compared to existing results.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Qbea’h, M., Alshraideh, M., Sabri, K.E.: Detecting and preventing SQL injection attacks: a formal approach. In: Cybersecurity and Cyberforensics Conference (CCC), pp. 123–129. IEEE, Amman (2016)
Xiao, X., Yan, R., Ye, R., Li, Q., Peng, S., Jiang, Y.: Detection and prevention of code injection attacks on HTML5-based apps. In: Third International Conference on Advanced Cloud and Big Data, pp. 254–26. IEEE, Yangzhou (2015)
Priyaa, D., Devi, I.: Fragmented Query parse tree based SQL injection detection system for web applications. In: International Conference on Computing Technologies and Intelligent Data Engineering (ICCTIDE’16), pp. 1–5. IEEE, Kovilpatti (2016)
Zhao, Z., Ahn, G.: Using instruction sequence abstraction for shellcode detection and attribution. In: Conference on Communications and Network Security (CNS), pp. 323–331. IEEE, National Harbor, MD (2013)
Qu, B., Liang, B., Jiang, S., Ye, C.: Design of automatic vulnerability detection system for web application program. In: 4th International Conference on Software Engineering and Service Science, pp. 89–92. IEEE, Beijing (2013)
Priyaa, D., Devi, I.: Hybrid SQL injection detection system. In: 3rd International Conference on Advanced Computing and Communication Systems (ICACCS), pp. 1–5. IEEE, Coimbatore (2016)
Wikipedia. https://en.wikipedia.org/wiki/File_inclusion_vulnerability
Alnabulsi, H., Islam, R., Mamun, Q.: Detecting SQL injection attacks using SNORT IDS. In: Asia-Pacific World Congress on Computer Science and Engineering Conference, pp. 1–7. IEEE, Nadi (2014)
OWASP. https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
HTTP DATASET CSIC 2010. http://www.isi.csic.es/dataset/
Our Favorite XSS Filters/IDS and how to Attack Them. http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Alnabulsi, H., Islam, R., Mamun, Q. (2018). A Novel Algorithm to Protect Code Injection Attacks. In: Abawajy, J., Choo, KK., Islam, R. (eds) International Conference on Applications and Techniques in Cyber Security and Intelligence. ATCI 2017. Advances in Intelligent Systems and Computing, vol 580. Edizioni della Normale, Cham. https://doi.org/10.1007/978-3-319-67071-3_35
Download citation
DOI: https://doi.org/10.1007/978-3-319-67071-3_35
Published:
Publisher Name: Edizioni della Normale, Cham
Print ISBN: 978-3-319-67070-6
Online ISBN: 978-3-319-67071-3
eBook Packages: EngineeringEngineering (R0)