{"title":"分析云计算和 WEB 应用程序中的 SQL 注入攻击","authors":"Animesh Kumar, Sandip Dutta, Prashant Pranav","doi":"10.1002/spy2.370","DOIUrl":null,"url":null,"abstract":"Cloud computing has revolutionized the way IT industries work. Most modern‐day companies rely on cloud services to accomplish their day‐to‐day tasks. From hosting websites to developing platforms and storing resources, cloud computing has tremendous use in the modern information technology industry. Although an emerging technique, it has many security challenges. In structured query language injection attacks, the attacker modifies some parts of the user query to still sensitive user information. This type of attack is challenging to detect and prevent. In this article, we have reviewed 65 research articles that address the issue of its prevention and detection in cloud and Traditional Networks, of which 11 research articles are related to general cloud attacks, and the rest of the 54 research articles are specifically on web security. Our result shows that Random Forest has an accuracy of 99.8% and a Precision rate of 99.9%, and the worst‐performing model is Multi‐Layer Perceptron (MLP) in the SQLIA Model. For recall value, Random Forest performs best while TensorFlow Linear Classifier performs worst. F1 score is best in Random Forest, while MLP is the most diminutive performer.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.5000,"publicationDate":"2024-01-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Analysis of SQL injection attacks in the cloud and in WEB applications\",\"authors\":\"Animesh Kumar, Sandip Dutta, Prashant Pranav\",\"doi\":\"10.1002/spy2.370\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing has revolutionized the way IT industries work. Most modern‐day companies rely on cloud services to accomplish their day‐to‐day tasks. From hosting websites to developing platforms and storing resources, cloud computing has tremendous use in the modern information technology industry. Although an emerging technique, it has many security challenges. In structured query language injection attacks, the attacker modifies some parts of the user query to still sensitive user information. This type of attack is challenging to detect and prevent. In this article, we have reviewed 65 research articles that address the issue of its prevention and detection in cloud and Traditional Networks, of which 11 research articles are related to general cloud attacks, and the rest of the 54 research articles are specifically on web security. Our result shows that Random Forest has an accuracy of 99.8% and a Precision rate of 99.9%, and the worst‐performing model is Multi‐Layer Perceptron (MLP) in the SQLIA Model. For recall value, Random Forest performs best while TensorFlow Linear Classifier performs worst. F1 score is best in Random Forest, while MLP is the most diminutive performer.\",\"PeriodicalId\":29939,\"journal\":{\"name\":\"Security and Privacy\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2024-01-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1002/spy2.370\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.370","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
云计算彻底改变了 IT 行业的工作方式。大多数现代公司都依赖云服务来完成日常任务。从托管网站到开发平台和存储资源,云计算在现代信息技术产业中有着巨大的用途。虽然云计算是一项新兴技术,但它也面临着许多安全挑战。在结构化查询语言注入攻击中,攻击者会修改用户查询的某些部分,以保留敏感的用户信息。这类攻击在检测和防范方面具有挑战性。在本文中,我们综述了 65 篇针对云计算和传统网络中结构化查询语言注入攻击的预防和检测问题的研究文章,其中 11 篇研究文章与一般的云计算攻击有关,其余 54 篇研究文章则专门针对网络安全。结果显示,随机森林的准确率为 99.8%,精确率为 99.9%,而在 SQLIA 模型中表现最差的模型是多层感知器(MLP)。在召回值方面,随机森林表现最好,而 TensorFlow 线性分类器表现最差。随机森林的 F1 分数最高,而 MLP 的表现最差。
Analysis of SQL injection attacks in the cloud and in WEB applications
Cloud computing has revolutionized the way IT industries work. Most modern‐day companies rely on cloud services to accomplish their day‐to‐day tasks. From hosting websites to developing platforms and storing resources, cloud computing has tremendous use in the modern information technology industry. Although an emerging technique, it has many security challenges. In structured query language injection attacks, the attacker modifies some parts of the user query to still sensitive user information. This type of attack is challenging to detect and prevent. In this article, we have reviewed 65 research articles that address the issue of its prevention and detection in cloud and Traditional Networks, of which 11 research articles are related to general cloud attacks, and the rest of the 54 research articles are specifically on web security. Our result shows that Random Forest has an accuracy of 99.8% and a Precision rate of 99.9%, and the worst‐performing model is Multi‐Layer Perceptron (MLP) in the SQLIA Model. For recall value, Random Forest performs best while TensorFlow Linear Classifier performs worst. F1 score is best in Random Forest, while MLP is the most diminutive performer.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
