A Study of XXE Attacks Prevention Using XML Parser Configuration

Shahid, Ramsha; Marwat, Safdar Nawaz Khan; Al‐Fuqaha, Ala; Brahim, Ghassen Ben

doi:10.1109/cicn56167.2022.10008276

Cited by 3 publications

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Then, we send this request to the Burp Suite [160], a tool commonly used in web application testing, in order to further analyze We observe that the application processes the data in XML format. We examine the applicability of an XXE injection attack [162], where the attacker has the ability to interfere with data processing and perform unwanted actions.…”

Section: B Phase 2: Risk Verification Via Penetration Testingmentioning

confidence: 99%

Understanding and Securing Unmanned Aerial Vehicle (UAV) Services: A Comprehensive Tutorial

Anagnostis,

Kotzanikolaou,

Douligeris

2024

Preprint

View full text Add to dashboard Cite

show abstract

Section: B Phase 2: Risk Verification Via Penetration Testingmentioning

confidence: 99%

Understanding and Securing Unmanned Aerial Vehicle (UAV) Services: A Comprehensive Tutorial

Anagnostis,

Kotzanikolaou,

Douligeris

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…2) XEE could impact system behaviour and data confidentiality, potentially influencing system response times and memory utilization [15].…”

Section: A Dataset Generationmentioning

confidence: 99%

Comparative Analysis of Weighted Ensemble and Majority Voting Algorithms for Intrusion Detection in OpenStack Cloud Environments

Patil,

Kale,

Bivalkar

et al. 2023

IJACSA

View full text Add to dashboard Cite

In the ever-evolving landscape of cybersecurity, the detection of malicious activities within cloud environments remains a critical challenge. This research aims to compare the effectiveness of two ensemble algorithms, the weighted ensemble algorithm and the majority voting algorithm, in the context of intrusion detection within an OpenStack cloud environment. To conduct this study, a dataset was generated using a network of 10 virtual machines, simulating the complex dynamics of a real cloud infrastructure. Various attack scenarios were simulated, and system metrics including CPU usage, memory utilization, and network traffic were monitored and logged. The weighted ensemble algorithm combines the predictions of multiple individual models with varying weights, while the majority voting algorithm aggregates predictions from multiple models. Through a rigorous experimental setup, these algorithms were applied to the generated dataset, and their performance was evaluated using standard metrics such as accuracy, precision, recall, and F1-score. These findings provide valuable insights into the strengths and weaknesses of ensemble algorithms for intrusion detection in cloud environments. It highlights the importance of selecting appropriate algorithms based on specific security requirements and threat profiles. Different attack scenarios may require different algorithmic approaches to achieve optimal results. Overall, this study contributes to the understanding of ensemble techniques in cloud security and offers a foundation for further research in optimizing intrusion detection strategies within dynamic and complex cloud environments. By identifying the strengths and weaknesses of different ensemble algorithms, cybersecurity professionals can make informed decisions in selecting the most suitable approach to enhance the security of cloud environments.

show abstract