Sujan Chegu, Gautam U Reddy, Bharath S Bhambore, KA Adeab, Prasad B. Honnavalli, Sivaraman Eswaran
Network Security, published 2022-09-01. DOI: https://doi.org/10.12968/s1353-4858(22)70055-4
An improved filter against injection attacks using regex and machine learning
Injection-based attacks have consistently made the Open Web Application Security Project (OWASP) Top 10 vulnerabilities for years [1]. Common types of injection attacks include SQL injection, cross-site scripting (XSS) and code injection. Filter engines are used to detect and sanitise user inputs for these malicious attacks. The user input is assumed to be tainted by default. Thus, a filter's accuracy and latency are important. There exist various approaches to improve filters, primarily including techniques based on regular expressions (regexes), abstract syntax trees, machine learning and so on. However, the testing of modern solutions has achieved no more than 98.5% accuracy for XSS. This article looks at ways to improve accuracy.