Title :
Development and Evaluation of Defaced Sites Automatic Detection System DICE
Author :
Tanaka, Tatsuya ; Kai, Toshifumi ; Tamura, Yusuke ; Sasaki, Ryoichi
Author_Institution :
Life Inf. Syst. & Multimedia Design, Tokyo Denki Univ., Tokyo, Japan
Abstract :
Recently, the falsification attack to bury an illegal script under the Web site by using SQL injection becomes a problem. Authors previously proposed the detection method by the algorithm made based on the site title actually obtained through the survey of a falsification site and an illegal script and the analysis data of the description pattern of the script. In this study, we improved the method to obtain higher detection rate by Hayashi´s quantification theory type 2. We also implemented the old and new methods as gDefaced Sites Automatic Detection System DICEh on a proxy server program named Squid. This paper reports the method, the implemented program and the results of functional experiment and performance experiment.
Keywords :
SQL; Web sites; authorisation; DICE; SQL injection; Squid; Web site; defaced sites automatic detection system; falsification attack; proxy server program; quantification theory type 2; Browsers; Educational institutions; Fires; Malware; Servers; Software; Web pages; SQL Injection; Web access control;
Conference_Titel :
Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), 2011 Seventh International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-1-4577-1397-2
DOI :
10.1109/IIHMSP.2011.61
