{"id":"https://openalex.org/W2902948201","doi":"https://doi.org/10.1109/access.2018.2884201","title":"GMSA: Gathering Multiple Signatures Approach to Defend Against Code Injection Attacks","display_name":"GMSA: Gathering Multiple Signatures Approach to Defend Against Code Injection Attacks","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2902948201","doi":"https://doi.org/10.1109/access.2018.2884201","mag":"2902948201"},"language":"en","primary_location":{"id":"doi:10.1109/access.2018.2884201","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2884201","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2018.2884201","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013976852","display_name":"Hussein Alnabulsi","orcid":"https://orcid.org/0000-0003-1805-6849"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Hussein Alnabulsi","raw_affiliation_strings":["1School of Computing and Mathematics, Charles Sturt University, Albury, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0003-1805-6849","affiliations":[{"raw_affiliation_string":"1School of Computing and Mathematics, Charles Sturt University, Albury, NSW, Australia","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065820146","display_name":"Rafiqul Islam","orcid":"https://orcid.org/0000-0001-8317-5727"},"institutions":[{"id":"https://openalex.org/I153230381","display_name":"Charles Sturt University","ror":"https://ror.org/00wfvh315","country_code":"AU","type":"education","lineage":["https://openalex.org/I153230381"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Rafiqul Islam","raw_affiliation_strings":["1School of Computing and Mathematics, Charles Sturt University, Albury, NSW, Australia"],"raw_orcid":"https://orcid.org/0000-0001-8317-5727","affiliations":[{"raw_affiliation_string":"1School of Computing and Mathematics, Charles Sturt University, Albury, NSW, Australia","institution_ids":["https://openalex.org/I153230381"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072887232","display_name":"Majharul Talukder","orcid":null},"institutions":[{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Majharul Talukder","raw_affiliation_strings":["School of Management, University of Canberra, Canberra, ACT, Australia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Management, University of Canberra, Canberra, ACT, Australia","institution_ids":["https://openalex.org/I188329596"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5013976852"],"corresponding_institution_ids":["https://openalex.org/I153230381"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":3.2889,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.93854651,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"6","issue":null,"first_page":"77829","last_page":"77840"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9879999756813049,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9690999984741211,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.8854137659072876},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.8671737313270569},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8397222757339478},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6508069038391113},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6503841876983643},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5762280821800232},{"id":"https://openalex.org/keywords/false-positive-rate","display_name":"False positive rate","score":0.5415800213813782},{"id":"https://openalex.org/keywords/sql","display_name":"SQL","score":0.5233304500579834},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4964142441749573},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.46400633454322815},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3050524592399597},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2662971019744873},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.17971748113632202},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.14642220735549927},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.11007490754127502},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.10030615329742432},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.09923791885375977}],"concepts":[{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.8854137659072876},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.8671737313270569},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8397222757339478},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6508069038391113},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6503841876983643},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5762280821800232},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.5415800213813782},{"id":"https://openalex.org/C510870499","wikidata":"https://www.wikidata.org/wiki/Q47607","display_name":"SQL","level":2,"score":0.5233304500579834},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4964142441749573},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.46400633454322815},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3050524592399597},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2662971019744873},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.17971748113632202},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.14642220735549927},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.11007490754127502},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.10030615329742432},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.09923791885375977},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.0},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/access.2018.2884201","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2884201","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:pure.atira.dk:publications/39be9ffe-7c8f-4032-9835-4679b7ff0917","is_oa":true,"landing_page_url":"https://researchoutput.csu.edu.au/en/publications/39be9ffe-7c8f-4032-9835-4679b7ff0917","pdf_url":null,"source":{"id":"https://openalex.org/S7407055442","display_name":"Charles Sturt University Research Output (CRO)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Alnabulsi, H, Islam, R & Talukder, M 2018, 'GMSA : Gathering Multiple Signatures Approach to defend against code injection attacks', IEEE Access, vol. 6, pp. 77829 - 77840. https://doi.org/10.1109/ACCESS.2018.2884201","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:doaj.org/article:a67216e2a31545758b4149b8024d8a3d","is_oa":true,"landing_page_url":"https://doaj.org/article/a67216e2a31545758b4149b8024d8a3d","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 6, Pp 77829-77840 (2018)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2018.2884201","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2884201","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.46000000834465027,"display_name":"Reduced inequalities","id":"https://metadata.un.org/sdg/10"},{"score":0.46000000834465027,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1971876790","https://openalex.org/W1987537404","https://openalex.org/W2044041170","https://openalex.org/W2052673017","https://openalex.org/W2095851690","https://openalex.org/W2099369238","https://openalex.org/W2113346785","https://openalex.org/W2162046977","https://openalex.org/W2308606615","https://openalex.org/W2528169216","https://openalex.org/W2534651220","https://openalex.org/W2542534661","https://openalex.org/W2545008835","https://openalex.org/W2556169824","https://openalex.org/W2765456723","https://openalex.org/W2766391153","https://openalex.org/W6647084880","https://openalex.org/W6661326084","https://openalex.org/W6729317637","https://openalex.org/W6729723057","https://openalex.org/W6745160750"],"related_works":["https://openalex.org/W4312406950","https://openalex.org/W3188339517","https://openalex.org/W2611747598","https://openalex.org/W2549898710","https://openalex.org/W2166381878","https://openalex.org/W2955734438","https://openalex.org/W2504194819","https://openalex.org/W3132720240","https://openalex.org/W4256450364","https://openalex.org/W3069109132"],"abstract_inverted_index":{"Code":[0],"injection":[1,61,64,67,218],"attacks":[2],"(CIAs)":[3],"exploit":[4],"security":[5,154,166],"vulnerabilities":[6],"and":[7,69,80,145,219],"computer":[8],"bugs":[9],"that":[10,88,206],"are":[11,207],"caused":[12],"by":[13],"processing":[14],"invalid":[15],"codes.":[16],"CIA":[17],"is":[18,107,116,119,131,199],"a":[19,43,50,99,159,172],"problem":[20],"which":[21,118],"hackers":[22],"attempt":[23],"to":[24,26,33,48,186,209],"introduce":[25],"any":[27],"new":[28],"method,":[29],"their":[30],"objective":[31],"being":[32],"bypass":[34],"the":[35,104,132,137,143,183,188],"protection":[36,169],"system.":[37],"In":[38],"this":[39],"paper,":[40],"we":[41],"present":[42],"tool":[44],"called":[45],"GMSA,":[46],"developed":[47],"detect":[49,193],"variety":[51],"of":[52,76,103,114,162,196,214],"CIAs,":[53],"for":[54],"example,":[55],"cross-site":[56],"scripting":[57],"(XSS)":[58],"attack,":[59,62],"SQL":[60,217],"shell":[63],"attack":[65],"(command":[66],"attack),":[68],"file":[70,78,82],"inclusion":[71,79],"attack.":[72],"The":[73,109,128],"latter":[74],"consists":[75],"local":[77],"remote":[81],"inclusion.":[83],"Our":[84,175],"empirical":[85],"analysis":[86],"reveals":[87],"compared":[89,121],"with":[90,122,151,164],"existing":[91,152],"research,":[92],"gathering":[93],"multiple":[94],"signatures":[95],"approach":[96],"(GMSA)":[97],"executes":[98],"precision":[100],"performance":[101],"(accuracy":[102],"proposed":[105],"algorithm":[106,139],"99.45%).":[108],"false":[110,189],"positive":[111,147],"rate":[112,148],"(FPR)":[113],"GMSA":[115,191],"0.59%,":[117],"low":[120,129],"what":[123],"other":[124,203],"research":[125,204],"has":[126],"reported.":[127],"FPR":[130,144],"most":[133],"important":[134],"factor.":[135],"Ideally,":[136],"defense":[138],"should":[140],"balance":[141],"between":[142],"true":[146],"(TPR)":[149],"because":[150],"methodologies,":[153],"experts":[155],"can":[156,192],"defend":[157],"against":[158],"broad":[160],"range":[161],"CIAs":[163],"uncomplicated":[165],"software.":[167],"Typical":[168],"methods":[170],"yield":[171],"high":[173,179],"FPR.":[174],"method":[176],"results":[177],"in":[178],"TPR":[180],"while":[181],"minimizing":[182],"resources":[184],"needed":[185],"address":[187],"positive.":[190],"four":[194],"types":[195,213],"CIA.":[197],"This":[198],"more":[200],"comprehensive":[201],"than":[202],"techniques":[205],"restricted":[208],"only":[210],"two":[211],"major":[212],"CIA,":[215],"namely,":[216],"XSS":[220],"attacks.":[221]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}