{"title":"JSON结构化数据中的异常检测","authors":"E. A. Shliakhtina, D. Gamayunov","doi":"10.17223/20710410/56/5","DOIUrl":null,"url":null,"abstract":"In this paper, we address the problem of intrusion detection for modern web applications and mobile applications with the cloud-based server side, using malicious content detection in JSON data, which is currently one of the most popular data serialization and exchange formats between client and server parts of an application. We propose a method for building a JSON model for the given set of JSON objects capable of detection of structure and type anomalies. The model is based on the models for basic data types inside JSON collection objects and schema model that generalizes objects’ structure in the collection. We performed experiments using modifications of objects’ structures and insertions of code injection attack vectors such as SQL injections, OS command injections, and JavaScript/HTML injections. The analysis showed statistical significance between the model’s predictions and the presence of anomalies in the data gathered from the real web applications’ traffic. The quality of the model’s predictions was measured using the Matthews correlation coefficient (MCC). The MCC values computed on the data were close to one which indicates the model’s high efficiency in solving the problem of anomaly detection in JSON objects.","PeriodicalId":42607,"journal":{"name":"Prikladnaya Diskretnaya Matematika","volume":"1 1","pages":""},"PeriodicalIF":0.2000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Anomaly detection in JSON structured data\",\"authors\":\"E. A. Shliakhtina, D. Gamayunov\",\"doi\":\"10.17223/20710410/56/5\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we address the problem of intrusion detection for modern web applications and mobile applications with the cloud-based server side, using malicious content detection in JSON data, which is currently one of the most popular data serialization and exchange formats between client and server parts of an application. We propose a method for building a JSON model for the given set of JSON objects capable of detection of structure and type anomalies. The model is based on the models for basic data types inside JSON collection objects and schema model that generalizes objects’ structure in the collection. We performed experiments using modifications of objects’ structures and insertions of code injection attack vectors such as SQL injections, OS command injections, and JavaScript/HTML injections. The analysis showed statistical significance between the model’s predictions and the presence of anomalies in the data gathered from the real web applications’ traffic. The quality of the model’s predictions was measured using the Matthews correlation coefficient (MCC). The MCC values computed on the data were close to one which indicates the model’s high efficiency in solving the problem of anomaly detection in JSON objects.\",\"PeriodicalId\":42607,\"journal\":{\"name\":\"Prikladnaya Diskretnaya Matematika\",\"volume\":\"1 1\",\"pages\":\"\"},\"PeriodicalIF\":0.2000,\"publicationDate\":\"2022-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Prikladnaya Diskretnaya Matematika\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.17223/20710410/56/5\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"MATHEMATICS, APPLIED\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Prikladnaya Diskretnaya Matematika","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17223/20710410/56/5","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"MATHEMATICS, APPLIED","Score":null,"Total":0}
In this paper, we address the problem of intrusion detection for modern web applications and mobile applications with the cloud-based server side, using malicious content detection in JSON data, which is currently one of the most popular data serialization and exchange formats between client and server parts of an application. We propose a method for building a JSON model for the given set of JSON objects capable of detection of structure and type anomalies. The model is based on the models for basic data types inside JSON collection objects and schema model that generalizes objects’ structure in the collection. We performed experiments using modifications of objects’ structures and insertions of code injection attack vectors such as SQL injections, OS command injections, and JavaScript/HTML injections. The analysis showed statistical significance between the model’s predictions and the presence of anomalies in the data gathered from the real web applications’ traffic. The quality of the model’s predictions was measured using the Matthews correlation coefficient (MCC). The MCC values computed on the data were close to one which indicates the model’s high efficiency in solving the problem of anomaly detection in JSON objects.
期刊介绍:
The scientific journal Prikladnaya Diskretnaya Matematika has been issued since 2008. It was registered by Federal Control Service in the Sphere of Communications and Mass Media (Registration Witness PI № FS 77-33762 in October 16th, in 2008). Prikladnaya Diskretnaya Matematika has been selected for coverage in Clarivate Analytics products and services. It is indexed and abstracted in SCOPUS and WoS Core Collection (Emerging Sources Citation Index). The journal is a quarterly. All the papers to be published in it are obligatorily verified by one or two specialists. The publication in the journal is free of charge and may be in Russian or in English. The topics of the journal are the following: 1.theoretical foundations of applied discrete mathematics – algebraic structures, discrete functions, combinatorial analysis, number theory, mathematical logic, information theory, systems of equations over finite fields and rings; 2.mathematical methods in cryptography – synthesis of cryptosystems, methods for cryptanalysis, pseudorandom generators, appreciation of cryptosystem security, cryptographic protocols, mathematical methods in quantum cryptography; 3.mathematical methods in steganography – synthesis of steganosystems, methods for steganoanalysis, appreciation of steganosystem security; 4.mathematical foundations of computer security – mathematical models for computer system security, mathematical methods for the analysis of the computer system security, mathematical methods for the synthesis of protected computer systems;[...]
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
