{"id":"https://openalex.org/W4405182561","doi":"https://doi.org/10.1145/3658644.3670304","title":"SWIDE: A Semantic-aware Detection Engine for Successful Web Injection Attacks","display_name":"SWIDE: A Semantic-aware Detection Engine for Successful Web Injection Attacks","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405182561","doi":"https://doi.org/10.1145/3658644.3670304"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3670304","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670304","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670304","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670304","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5069572941","display_name":"Ronghai Yang","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Ronghai Yang","raw_affiliation_strings":["Sangfor Technologies Inc., Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"Sangfor Technologies Inc., Shenzhen, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101767874","display_name":"Xianbo Wang","orcid":"https://orcid.org/0000-0003-1686-4981"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xianbo Wang","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong SAR, China"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong SAR, China","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5094023578","display_name":"Kaixuan Luo","orcid":"https://orcid.org/0000-0002-6387-8043"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kaixuan Luo","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong SAR, China"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong SAR, China","institution_ids":["https://openalex.org/I177725633"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034647010","display_name":"Xin Lei","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Xin Lei","raw_affiliation_strings":["Sangfor Technologies Inc., Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"Sangfor Technologies Inc., Shenzhen, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062219320","display_name":"K. Li","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ke Li","raw_affiliation_strings":["Sangfor Technologies Inc., Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"Sangfor Technologies Inc., Shenzhen, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112775751","display_name":"Jinxiu Xin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jiayuan Xin","raw_affiliation_strings":["Sangfor Technologies Inc., Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"Sangfor Technologies Inc., Shenzhen, China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5020413351","display_name":"Wing Cheong Lau","orcid":"https://orcid.org/0000-0003-1179-7855"},"institutions":[{"id":"https://openalex.org/I177725633","display_name":"Chinese University of Hong Kong","ror":"https://ror.org/00t33hh48","country_code":"CN","type":"education","lineage":["https://openalex.org/I177725633"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wing Cheong Lau","raw_affiliation_strings":["The Chinese University of Hong Kong, Hong Kong SAR, China"],"affiliations":[{"raw_affiliation_string":"The Chinese University of Hong Kong, Hong Kong SAR, China","institution_ids":["https://openalex.org/I177725633"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5069572941"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.6284,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.88677649,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"540","last_page":"554"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8104734420776367},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.6263420581817627},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5864413976669312},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.5822613835334778},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.49867844581604004},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.4938874840736389},{"id":"https://openalex.org/keywords/syntax","display_name":"Syntax","score":0.4154777526855469},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.41342929005622864},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.36402082443237305},{"id":"https://openalex.org/keywords/search-engine","display_name":"Search engine","score":0.15215671062469482},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.13690078258514404}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8104734420776367},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.6263420581817627},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5864413976669312},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.5822613835334778},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.49867844581604004},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.4938874840736389},{"id":"https://openalex.org/C60048249","wikidata":"https://www.wikidata.org/wiki/Q37437","display_name":"Syntax","level":2,"score":0.4154777526855469},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.41342929005622864},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.36402082443237305},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.15215671062469482},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.13690078258514404},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.0},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3658644.3670304","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670304","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670304","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3658644.3670304","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3670304","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3670304","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4405182561.pdf"},"referenced_works_count":14,"referenced_works":["https://openalex.org/W87384950","https://openalex.org/W2006508099","https://openalex.org/W2034362794","https://openalex.org/W2086631206","https://openalex.org/W2103378897","https://openalex.org/W2139381299","https://openalex.org/W2155926039","https://openalex.org/W2587209459","https://openalex.org/W2619791319","https://openalex.org/W3047608117","https://openalex.org/W3093410479","https://openalex.org/W3156952258","https://openalex.org/W4388327470","https://openalex.org/W6600045627"],"related_works":["https://openalex.org/W1535080110","https://openalex.org/W2978656898","https://openalex.org/W2097492617","https://openalex.org/W306312984","https://openalex.org/W857189463","https://openalex.org/W4288094128","https://openalex.org/W4256450364","https://openalex.org/W4385706035","https://openalex.org/W4238821156","https://openalex.org/W189846524"],"abstract_inverted_index":{"Web":[0,67],"attacks,":[1,47,196],"a":[2,9,182,216,237,248],"primary":[3],"vector":[4],"for":[5,44,143],"system":[6,224],"breaches,":[7],"pose":[8],"significant":[10],"challenge":[11],"within":[12],"the":[13,56,121,147,172,176,179,262,275],"cybersecurity":[14,217],"landscape.":[15],"The":[16],"growing":[17],"intensity":[18],"of":[19,171,178,229,251,278],"web":[20,46,76,115],"attack":[21,186],"attempts":[22],"has":[23,205],"led":[24],"to":[25,53,73,88,105,110,125,157,174],"\"alert":[26],"fatigue\"":[27],"where":[28],"enterprises":[29,87,230],"are":[30,58],"inundated":[31],"by":[32,146,269],"excessive":[33],"alerts.":[34],"Although":[35],"extensive":[36],"research":[37],"is":[38],"being":[39],"conducted":[40],"on":[41,91,98,236],"automated":[42],"methods":[43],"detecting":[45],"it":[48],"remains":[49],"an":[50,71,241],"open":[51],"problem":[52],"identify":[54,194],"whether":[55],"attacks":[57,78,117,130,235],"successful.":[59],"Towards":[60],"this":[61],"end,":[62],"we":[63,150,246],"present":[64],"SWIDE":[65,191,204],"(Successful":[66],"Injection":[68],"Detection":[69],"Engine),":[70],"engine":[72],"pinpoint":[74],"successful":[75,114,195,234],"injection":[77,116],"(e.g.,":[79],"PHP":[80],"command":[81],"injection,":[82],"SQL":[83],"injection).":[84],"This":[85],"enables":[86],"focus":[89],"exclusively":[90],"those":[92],"crucial":[93],"threats.":[94],"Our":[95],"methodology":[96],"builds":[97],"two":[99],"insights:":[100],"Firstly,":[101],"while":[102],"attackers":[103],"tend":[104],"apply":[106],"payload":[107,173],"obfuscation":[108],"techniques":[109],"evade":[111],"detection,":[112],"all":[113],"must":[118],"comply":[119],"with":[120,215],"programming":[122],"language":[123],"syntax":[124,161],"be":[126],"executable;":[127],"Secondly,":[128],"these":[129],"inevitably":[131],"produce":[132],"observable":[133],"effects,":[134],"such":[135],"as":[136],"returning":[137],"execution":[138],"result":[139],"or":[140],"creating":[141],"backdoors":[142],"future":[144],"access":[145],"attacker.":[148],"Consequently,":[149],"leverage":[151],"advanced":[152],"syntactic":[153],"and":[154,166,188,208,255],"semantic":[155,169],"analysis":[156,170,250],"1)":[158],"detect":[159],"malicious":[160],"features":[162],"in":[163,210,261],"obfuscated":[164],"payloads":[165],"2)":[167],"perform":[168,247],"recover":[175],"intention":[177],"attack.":[180],"With":[181],"two-stage":[183],"design,":[184],"namely,":[185],"identification":[187],"confirmation":[189],"mechanisms,":[190],"can":[192],"accurately":[193],"even":[197],"amidst":[198],"intricate":[199],"obfuscations.":[200],"Unlike":[201],"proof-of-concept":[202],"studies,":[203],"been":[206],"deployed":[207],"validated":[209],"real-world":[211],"environments":[212],"through":[213],"collaborations":[214],"firm.":[218],"Serving":[219],"5,045":[220],"enterprise":[221],"users,":[222],"our":[223],"identifies":[225],"that":[226],"roughly":[227],"15%":[228],"have":[231],"suffered":[232],"from":[233],"weekly":[238],"basis":[239],"-":[240],"alarmingly":[242],"high":[243],"rate.":[244],"Moreover,":[245],"detailed":[249],"six":[252],"months'":[253],"data":[254],"discover":[256],"60":[257],"zero-day":[258],"vulnerabilities":[259],"exploited":[260],"wild,":[263],"including":[264],"12":[265],"high-risk":[266],"ones":[267],"acknowledged":[268],"relevant":[270],"authorities.":[271],"These":[272],"findings":[273],"underscore":[274],"practical":[276],"effectiveness":[277],"SWIDE.":[279]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}