Automation-Based User Input Sql Injection Detection and Prevention Framework

IF 1.2 4区计算机科学 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computer Science and Information Systems Pub Date : 2023-05-02 DOI:10.5539/cis.v16n2p51

Fredrick Ochieng Okello, D. Kaburu, Ndia G. John

{"title":"Automation-Based User Input Sql Injection Detection and Prevention Framework","authors":"Fredrick Ochieng Okello, D. Kaburu, Ndia G. John","doi":"10.5539/cis.v16n2p51","DOIUrl":null,"url":null,"abstract":"Autodect framework protects management information systems (MIS) and databases from user input SQL injection attacks. This framework overcomes intrusion or penetration into the system by automatically detecting and preventing attacks from the user input end. The attack intentions is also known since it is linked to a proxy database, which has a normal and abnormal code vector profiles that helps to gather information about the intent as well as knowing the areas of interest while conducting the attack. The information about the attack is forwarded to Autodect knowledge base (database), meaning that any successive attacks from the proxy database will be compared to the existing attack pattern logs in the knowledge base, in future this knowledge base-driven database will help organizations to analyze trends of attackers, profile them and deter them. The research evaluated the existing security frameworks used to prevent user input SQL injection; analysis was also done on the factors that lead to the detection of SQL injection. This knowledge-based framework is able to predict the end goal of any injected attack vector. (Known and unknown signatures). Experiments were conducted on true and simulation websites and open-source datasets to analyze the performance and a comparison drawn between the Autodect framework and other existing tools. The research showed that Autodect framework has an accuracy level of 0.98. The research found a gap that all existing tools and frameworks never came up with a standard datasets for sql injection, neither do we have a universally accepted standard data set.","PeriodicalId":50636,"journal":{"name":"Computer Science and Information Systems","volume":"77 1","pages":""},"PeriodicalIF":1.2000,"publicationDate":"2023-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science and Information Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.5539/cis.v16n2p51","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Autodect framework protects management information systems (MIS) and databases from user input SQL injection attacks. This framework overcomes intrusion or penetration into the system by automatically detecting and preventing attacks from the user input end. The attack intentions is also known since it is linked to a proxy database, which has a normal and abnormal code vector profiles that helps to gather information about the intent as well as knowing the areas of interest while conducting the attack. The information about the attack is forwarded to Autodect knowledge base (database), meaning that any successive attacks from the proxy database will be compared to the existing attack pattern logs in the knowledge base, in future this knowledge base-driven database will help organizations to analyze trends of attackers, profile them and deter them. The research evaluated the existing security frameworks used to prevent user input SQL injection; analysis was also done on the factors that lead to the detection of SQL injection. This knowledge-based framework is able to predict the end goal of any injected attack vector. (Known and unknown signatures). Experiments were conducted on true and simulation websites and open-source datasets to analyze the performance and a comparison drawn between the Autodect framework and other existing tools. The research showed that Autodect framework has an accuracy level of 0.98. The research found a gap that all existing tools and frameworks never came up with a standard datasets for sql injection, neither do we have a universally accepted standard data set.

查看原文本刊更多论文

基于自动化的用户输入Sql注入检测与预防框架

Autodect框架保护管理信息系统(MIS)和数据库免受用户输入SQL注入攻击。该框架通过自动检测和防止来自用户输入端的攻击来克服对系统的入侵或渗透。攻击意图也是已知的，因为它链接到一个代理数据库，该数据库具有正常和异常的代码矢量配置文件，有助于收集有关意图的信息，并在进行攻击时了解感兴趣的领域。有关攻击的信息被转发到Autodect知识库(数据库)，这意味着来自代理数据库的任何连续攻击都将与知识库中现有的攻击模式日志进行比较，将来这个知识库驱动的数据库将帮助组织分析攻击者的趋势，对他们进行分析并阻止他们。该研究评估了用于防止用户输入SQL注入的现有安全框架;分析了导致检测到SQL注入的因素。这种基于知识的框架能够预测任何注入攻击向量的最终目标。(已知和未知签名)。在真实和仿真网站以及开源数据集上进行了实验，分析了Autodect框架的性能，并与其他现有工具进行了比较。研究表明，Autodect框架的准确率水平为0.98。研究发现，所有现有的工具和框架都没有提供sql注入的标准数据集，我们也没有一个普遍接受的标准数据集。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Science and Information Systems COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING

CiteScore

2.30

自引率

21.40%

发文量

审稿时长

7.5 months

期刊介绍： About the journal Home page Contact information Aims and scope Indexing information Editorial policies ComSIS consortium Journal boards Managing board For authors Information for contributors Paper submission Article submission through OJS Copyright transfer form Download section For readers Forthcoming articles Current issue Archive Subscription For reviewers View and review submissions News Journal''s Facebook page Call for special issue New issue notification Aims and scope Computer Science and Information Systems (ComSIS) is an international refereed journal, published in Serbia. The objective of ComSIS is to communicate important research and development results in the areas of computer science, software engineering, and information systems.