检测SQLi攻击和规避技术的混合方法

10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing Pub Date : 2014-10-22 DOI:10.4108/ICST.COLLABORATECOM.2014.257568

Abdelhamid Makiou, Y. Begriche, A. Serhrouchni

{"title":"检测SQLi攻击和规避技术的混合方法","authors":"Abdelhamid Makiou, Y. Begriche, A. Serhrouchni","doi":"10.4108/ICST.COLLABORATECOM.2014.257568","DOIUrl":null,"url":null,"abstract":"Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"87 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Hybrid approach to detect SQLi attacks and evasion techniques\",\"authors\":\"Abdelhamid Makiou, Y. Begriche, A. Serhrouchni\",\"doi\":\"10.4108/ICST.COLLABORATECOM.2014.257568\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules.\",\"PeriodicalId\":432345,\"journal\":{\"name\":\"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing\",\"volume\":\"87 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-10-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257568\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257568","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

注入漏洞(包括SQL注入)是影响Web应用程序的最普遍的安全威胁[1]。为了减轻这些攻击，Web应用防火墙(waf)应用安全规则来检查HTTP数据流和检测恶意HTTP事务。然而，攻击者可以通过使用复杂的SQL注入技术绕过WAF的规则。在本文中，我们介绍了一种新的方法来剖析HTTP流量和检测复杂的SQL注入攻击。我们的模型是一个混合注入预防系统(HIPS)，它使用机器学习分类器和基于简化安全规则集的模式匹配检查引擎。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Hybrid approach to detect SQLi attacks and evasion techniques

Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing

自引率

0.00%

发文量