Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

A Server Side Solution for Detecting WebInject: A Machine Learning Approach

  • Conference paper
  • First Online:
Trends and Applications in Knowledge Discovery and Data Mining (PAKDD 2018)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 11154))

Included in the following conference series:

Abstract

With the advancement of client-side on the fly web content generation techniques, it becomes easier for attackers to modify the content of a website dynamically and gain access to valuable information. A majority portion of online attacks is now done by WebInject. The end users are not always skilled enough to differentiate between injected content and actual contents of a webpage. Some of the existing solutions are designed for client side and all the users have to install it in their system, which is a challenging task. In addition, various platforms and tools are used by individuals, so different solutions needed to be designed. Existing server side solution often focuses on sanitizing and filtering the inputs. It will fail to detect obfuscated and hidden scripts. In this paper, we propose a server side solution using a machine learning approach to detect WebInject in banking websites. Unlike other techniques, our method collects features of a Document Object Model (DOM) and classifies it with the help of a pre-trained model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Continella, A., Carminati, M., Polino, M., Lanzi, A., Zanero, S., Maggi, F.: Prometheus: analyzing webinject-based information stealers. J. Comput. Secur. 25(2), 117–137 (2017)

    Article  Google Scholar 

  2. Criscione, C., Bosatelli, F., Zanero, S., Maggi, F.: ZARATHUSTRA: extracting webinject signatures from banking trojans. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust (PST), pp. 139–148. IEEE (2014)

    Google Scholar 

  3. Dalai, A.K., Ankush, S.D., Jena, S.K.: XSS attack prevention using DOM-based filter. In: Sa, P.K., Sahoo, M.N., Murugappan, M., Wu, Y., Majhi, B. (eds.) Progress in Intelligent Computing Techniques: Theory, Practice, and Applications. AISC, vol. 519, pp. 227–234. Springer, Singapore (2018). https://doi.org/10.1007/978-981-10-3376-6_25

    Chapter  Google Scholar 

  4. Fattori, A., Lanzi, A., Balzarotti, D., Kirda, E.: Hypervisor-based malware protection with accessminer. Comput. Secur. 52, 33–50 (2015)

    Article  Google Scholar 

  5. Heiderich, M., Frosch, T., Holz, T.: IceShield: detection and mitigation of malicious websites with a frozen DOM. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 281–300. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23644-0_15

    Chapter  Google Scholar 

  6. Kałużny, J., Olejarka, M.: Script-based malware detection in online banking security overview. Black Hat Asia (2015)

    Google Scholar 

  7. Kharouni, L.: Automating online banking fraud, automatic transfer system: the latest cybercrime toolkit feature. Technical report, Trend Micro Incorporated (2012)

    Google Scholar 

  8. Kirda, E., Kruegel, C., Vigna, G., Jovanovic, N.: Noxes: A client-side solution for mitigating cross-site scripting attacks. In: Proceedings of the 2006 ACM Symposium on Applied Computing SAC 2006, pp. 330–337. ACM, New York (2006)

    Google Scholar 

  9. Lekies, S., Stock, B., Johns, M.: 25 million flows later: large-scale detection of DOM-based XSS. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1193–1204. ACM (2013)

    Google Scholar 

  10. Marashdih, A.W., Zaaba, Z.F.: Detection and removing cross site scripting vulnerability in PHP web application. In: 2017 International Conference on Promising Electronic Technologies (ICPET), pp. 26–31, October 2017

    Google Scholar 

  11. Marashdih, A.W., Zaaba, Z.F., Omer, H.K.: Web security: detection of cross site scripting in PHP web application using genetic algorithm. Int. J. Adv. Comput. Sci. Appl. (ijacsa) 8(5) (2017)

    Google Scholar 

  12. Saha, S., Jin, S., Doh, K.G.: Detection of DOM-based cross-site scripting by analyzing dynamically extracted scripts. In: The 6th International Conference on Information Security and Assurance (2012)

    Google Scholar 

  13. Stock, B., Pfistner, S., Kaiser, B., Lekies, S., Johns, M.: From facepalm to brain bender: exploring client-side cross-site scripting. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1419–1430. ACM (2015)

    Google Scholar 

  14. Sullivan, B.: Server-side Javascript injection. Black Hat USA (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Internet Commerce Security Laboratory (ICSL), Federation University Australia, Ballarat, Australia

    Md. Moniruzzaman, Adil Bagirov & Iqbal Gondal

  2. Westpac Banking Corporation, Sydney, Australia

    Simon Brown

Authors
  1. Md. Moniruzzaman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Adil Bagirov
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Iqbal Gondal
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Simon Brown
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Md. Moniruzzaman .

Editor information

Editors and Affiliations

  1. University of Melbourne, Melbourne, VIC, Australia

    Mohadeseh Ganji

  2. University of Melbourne, Melbourne, VIC, Australia

    Lida Rashidi

  3. McGill University, Montreal, QC, Canada

    Benjamin C. M. Fung

  4. Griffith University, Gold Coast, QLD, Australia

    Can Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Moniruzzaman, M., Bagirov, A., Gondal, I., Brown, S. (2018). A Server Side Solution for Detecting WebInject: A Machine Learning Approach. In: Ganji, M., Rashidi, L., Fung, B., Wang, C. (eds) Trends and Applications in Knowledge Discovery and Data Mining. PAKDD 2018. Lecture Notes in Computer Science(), vol 11154. Springer, Cham. https://doi.org/10.1007/978-3-030-04503-6_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-04503-6_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04502-9

  • Online ISBN: 978-3-030-04503-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation