Technique for Detecting Zero Day Attack by using Signature based and Knowledge Based Method

Authors

  • Gajanan P Bherde, Department of Computer Engineering, K. J. Somaiya College of Engineering, Mumbai, Maharashtra, India
  • Dr. M. A. Pund, Department of Computer Science & Engineering, PRMIT&R, Badnera, Amravati, Maharashtra, India

Keywords:

zero day attack, xml, hackers, signature based technique

Abstract

Nowadays web services are increasingly adopted, and they have become a target for attackers. The underlying technologies they use bring known vulnerabilities to this new environment. Classical approaches to attack detection either produce high false positive detection rates or cannot detect attack variations, leading to zero-day attacks. In this paper we work on zero-day attack detection techniques. A ‘zero day attack’ refers to a hole in software that is unknown to the vendor. This security hole is exploited by hackers before the vendor becomes aware of any attack. In recent systems, researchers have failed to fix zero-day attacks. The system in this paper uses two methods to detect zero-day attacks: signature-based and knowledge-based detection. To build the knowledge-based strategy, the system can use the ontology technique. Ontologies can help build a strategy-based knowledge attack database. A novel hybrid attack detection engine brings together the main advantages of the knowledge- and signature-based classical approaches.

Published

2018-06-30

Section

Research Articles

How to Cite

[1]
Gajanan P Bherde, Dr. M. A. Pund, "Technique for Detecting Zero Day Attack by using Signature based and Knowledge Based Method", International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN: 2395-1990, Online ISSN: 2394-4099, Volume 4, Issue 8, pp. 649-652, May-June 2018.