SQL Injection Attack Detection Method Using Expectation Criterion

2016 Fourth International Symposium on Computing and Networking (CANDAR) Pub Date : 2016-11-01 DOI:10.1109/CANDAR.2016.0116

Linghuan Xiao, Shinichi Matsumoto, Tomohisa Ishikawa, K. Sakurai

{"title":"SQL Injection Attack Detection Method Using Expectation Criterion","authors":"Linghuan Xiao, Shinichi Matsumoto, Tomohisa Ishikawa, K. Sakurai","doi":"10.1109/CANDAR.2016.0116","DOIUrl":null,"url":null,"abstract":"SQL Injection attack is a kind of attack to a web application that accesses the database of the web application illegitimate. Along with the increasing use of web applications, the database where stores much sensitive information became more and more valuable and vulnerable. Eventually, SQL Injection attack has become rank one in top ten vulnerabilities as specified by Open Web Application Security Project (OWASP). In the other hand, although there was proposed a lot of methods to address the SQL injection attack, the current approaches almost have the limitation to detect full scope of the attack. What is more, the approaches have high precision in detecting pre-existing attacks though, but cannot detect unknown attacks. In this paper, we present an expectation-based solution to address SQL injection attack. Our proposal mainly has two phases. In the first phase, we calculate the occurrence probability of the SQL injection attack special characters in attack dataset and typical dataset respectively, and in the second phase we detect SQL injection attack base on expectation calculating take advantage of the computed occurrence probability.","PeriodicalId":322499,"journal":{"name":"2016 Fourth International Symposium on Computing and Networking (CANDAR)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 Fourth International Symposium on Computing and Networking (CANDAR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CANDAR.2016.0116","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 10

Abstract

SQL Injection attack is a kind of attack to a web application that accesses the database of the web application illegitimate. Along with the increasing use of web applications, the database where stores much sensitive information became more and more valuable and vulnerable. Eventually, SQL Injection attack has become rank one in top ten vulnerabilities as specified by Open Web Application Security Project (OWASP). In the other hand, although there was proposed a lot of methods to address the SQL injection attack, the current approaches almost have the limitation to detect full scope of the attack. What is more, the approaches have high precision in detecting pre-existing attacks though, but cannot detect unknown attacks. In this paper, we present an expectation-based solution to address SQL injection attack. Our proposal mainly has two phases. In the first phase, we calculate the occurrence probability of the SQL injection attack special characters in attack dataset and typical dataset respectively, and in the second phase we detect SQL injection attack base on expectation calculating take advantage of the computed occurrence probability.

查看原文本刊更多论文

基于期望准则的SQL注入攻击检测方法

SQL注入攻击是一种针对web应用程序的攻击，通过非法访问web应用程序的数据库。随着web应用的日益普及，存储大量敏感信息的数据库变得越来越有价值，也越来越脆弱。最终，SQL注入攻击已经成为开放Web应用程序安全项目(OWASP)指定的十大漏洞之一。另一方面，尽管针对SQL注入攻击提出了很多方法，但目前的方法几乎无法检测到攻击的全部范围。此外，该方法对已存在攻击的检测精度较高，但对未知攻击的检测精度较低。本文提出了一种基于期望的SQL注入攻击解决方案。我们的建议主要分为两个阶段。第一阶段分别计算SQL注入攻击特殊字符在攻击数据集中和典型数据集中的发生概率，第二阶段利用计算得到的发生概率，基于期望计算对SQL注入攻击进行检测。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 Fourth International Symposium on Computing and Networking (CANDAR)

自引率

0.00%

发文量