In recent years, the injection attacks are the most common application layer attacks currently being used on the Internet. The growing acceptance of XML technologies for documents and protocols make the web application uncovered and exploited by hackers. XPath is a language used for querying XML document. XPath Injection attacks occur when a web site uses user-supplied information to construct an XPath query for XML data. In this paper, we proposed an SVM learning based approach to protect web services against the XPath injection attacks. We have implemented a kernel based on trees and incorporate it to the libSVM tool. To proceed, we extract all possible sub trees from the xpath parse tree request, then we find the similarity between two structures by summing the similarity of their substructures. The architecture of our proposed solution is compounded of two principals modules: the learning engine and the predictor one. Before a treatment of incoming XPath queries, an Aspect oriented Programming interceptor component is invoked to intercept this query and submit it to the SVM engine predictor.
Copyright © 2013 Praise Worthy Prize - All rights reserved.

Klein A., “Blind Xpath Injection,” A whitepaper from Watchfire, 2005.

Balsco J., “ Introduction to Xpath injection techniques”, Hacking 9, Conference on IT Undeground, pp 23-31, 2007.

Fredrik, V., Darren, M., and Vigna, G.,”A Learning-Based Approach to the Detection of SQL Attack”proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2005.

Halfond, W. G. and Orso, A., “Combining Static Analysis and Runtime Monitoring to Counter SQL-Injection Attacks”, ACM press, 2005.

Halfond, W. G. and Orso, A., “AMNESIA: Analysis and Monitoring for NEutralizing SQL-Injection Attacks”, ACM press, 2005.

Gregory T. Buehrer, Bruce W. Weide and Sivilotti, P. A. G., “

Using Parse Tree Validation to Prevent SQL Injection Attacks”

ACM press, pp. 106-113, 2005.

NuNo L., Marco V., and Henrique M., Protecting Database Centric Web Services against SQL/XPath Injection attacks, Springer, pp. 271-278, 2009.

Christian B., “Learning SQL for Database Intrusion Detection Using Context- Sensitive Modelling,”, Springer-Verlag Berlin, 2009.

Michael C. and Nigel D., “Convolution Kernels for Natural Language”, Advances in Neural Information Processing Systems, vol 14, pp. 625-632, 2001.

RICH C., HIMANSHU D. and ZANE L., Hacking Web 2.0 Exposed, Web 2.0 Security Secrets and Solutions, McGraw-Hioo Osborne Media, 2008.

Chih-Chung C. and Chih-Jen L., LIBSVM : a Library for Support Vector Machines, 2007.

Roberto B. and Alessandro M., Automatic Text Categorization From information Retrival to Support Vector Learning, Aracne editor, 2005.

V. G. Jecheva, E. P. Nikolova, An Adaptive Approach to Anomaly Intrusion Detection Based on Data Mining and String Metrics, (2008) International Review on Computers and Software (IRECOS), 3 (5), pp. 515 - 522.

Ali Khazaee, Ata Ebrahimzadeh, Electrocardiogram Beat Classification Using Support Vector Machines and Efficient Features, (2011) International Journal on Communications Antenna and Propagation (IRECAP), 1 (6), pp. 515-520.