基于自动化的用户输入Sql注入检测与预防框架

IF 1.2 4区 计算机科学 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS
Fredrick Ochieng Okello, D. Kaburu, Ndia G. John
{"title":"基于自动化的用户输入Sql注入检测与预防框架","authors":"Fredrick Ochieng Okello, D. Kaburu, Ndia G. John","doi":"10.5539/cis.v16n2p51","DOIUrl":null,"url":null,"abstract":"Autodect framework protects management information systems (MIS) and databases from user input SQL injection attacks. This framework overcomes intrusion or penetration into the system by automatically detecting and preventing attacks from the user input end. The attack intentions is also known since                 it is linked to a proxy database, which has a normal and abnormal code vector profiles that      helps to gather information about the intent as well as knowing the areas of interest while conducting the attack. The information about the attack is forwarded to Autodect knowledge base (database), meaning that any successive attacks from the proxy database will be compared to the existing attack pattern logs in the knowledge base, in future this knowledge base-driven database will help organizations to analyze trends of attackers, profile them and deter them. The research evaluated the existing security frameworks used to prevent user input SQL injection; analysis was also done on the factors that lead to the detection of SQL injection. This knowledge-based framework     is able to predict the end goal of any injected attack vector. (Known and unknown signatures). Experiments were conducted on true and simulation websites and open-source datasets to analyze the performance and a comparison drawn between the Autodect framework and other existing tools. The research showed that Autodect framework has an accuracy level of 0.98. The research found a gap that all existing tools and frameworks never came up with a standard datasets for sql injection, neither do we have a universally accepted standard data set.","PeriodicalId":50636,"journal":{"name":"Computer Science and Information Systems","volume":"77 1","pages":""},"PeriodicalIF":1.2000,"publicationDate":"2023-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Automation-Based User Input Sql Injection Detection and Prevention Framework\",\"authors\":\"Fredrick Ochieng Okello, D. Kaburu, Ndia G. John\",\"doi\":\"10.5539/cis.v16n2p51\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Autodect framework protects management information systems (MIS) and databases from user input SQL injection attacks. This framework overcomes intrusion or penetration into the system by automatically detecting and preventing attacks from the user input end. The attack intentions is also known since                 it is linked to a proxy database, which has a normal and abnormal code vector profiles that      helps to gather information about the intent as well as knowing the areas of interest while conducting the attack. The information about the attack is forwarded to Autodect knowledge base (database), meaning that any successive attacks from the proxy database will be compared to the existing attack pattern logs in the knowledge base, in future this knowledge base-driven database will help organizations to analyze trends of attackers, profile them and deter them. The research evaluated the existing security frameworks used to prevent user input SQL injection; analysis was also done on the factors that lead to the detection of SQL injection. This knowledge-based framework     is able to predict the end goal of any injected attack vector. (Known and unknown signatures). Experiments were conducted on true and simulation websites and open-source datasets to analyze the performance and a comparison drawn between the Autodect framework and other existing tools. The research showed that Autodect framework has an accuracy level of 0.98. The research found a gap that all existing tools and frameworks never came up with a standard datasets for sql injection, neither do we have a universally accepted standard data set.\",\"PeriodicalId\":50636,\"journal\":{\"name\":\"Computer Science and Information Systems\",\"volume\":\"77 1\",\"pages\":\"\"},\"PeriodicalIF\":1.2000,\"publicationDate\":\"2023-05-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Science and Information Systems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.5539/cis.v16n2p51\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science and Information Systems","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.5539/cis.v16n2p51","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

Autodect框架保护管理信息系统(MIS)和数据库免受用户输入SQL注入攻击。该框架通过自动检测和防止来自用户输入端的攻击来克服对系统的入侵或渗透。攻击意图也是已知的,因为它链接到一个代理数据库,该数据库具有正常和异常的代码矢量配置文件,有助于收集有关意图的信息,并在进行攻击时了解感兴趣的领域。有关攻击的信息被转发到Autodect知识库(数据库),这意味着来自代理数据库的任何连续攻击都将与知识库中现有的攻击模式日志进行比较,将来这个知识库驱动的数据库将帮助组织分析攻击者的趋势,对他们进行分析并阻止他们。该研究评估了用于防止用户输入SQL注入的现有安全框架;分析了导致检测到SQL注入的因素。这种基于知识的框架能够预测任何注入攻击向量的最终目标。(已知和未知签名)。在真实和仿真网站以及开源数据集上进行了实验,分析了Autodect框架的性能,并与其他现有工具进行了比较。研究表明,Autodect框架的准确率水平为0.98。研究发现,所有现有的工具和框架都没有提供sql注入的标准数据集,我们也没有一个普遍接受的标准数据集。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Automation-Based User Input Sql Injection Detection and Prevention Framework
Autodect framework protects management information systems (MIS) and databases from user input SQL injection attacks. This framework overcomes intrusion or penetration into the system by automatically detecting and preventing attacks from the user input end. The attack intentions is also known since                 it is linked to a proxy database, which has a normal and abnormal code vector profiles that      helps to gather information about the intent as well as knowing the areas of interest while conducting the attack. The information about the attack is forwarded to Autodect knowledge base (database), meaning that any successive attacks from the proxy database will be compared to the existing attack pattern logs in the knowledge base, in future this knowledge base-driven database will help organizations to analyze trends of attackers, profile them and deter them. The research evaluated the existing security frameworks used to prevent user input SQL injection; analysis was also done on the factors that lead to the detection of SQL injection. This knowledge-based framework     is able to predict the end goal of any injected attack vector. (Known and unknown signatures). Experiments were conducted on true and simulation websites and open-source datasets to analyze the performance and a comparison drawn between the Autodect framework and other existing tools. The research showed that Autodect framework has an accuracy level of 0.98. The research found a gap that all existing tools and frameworks never came up with a standard datasets for sql injection, neither do we have a universally accepted standard data set.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Computer Science and Information Systems
Computer Science and Information Systems COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING
CiteScore
2.30
自引率
21.40%
发文量
76
审稿时长
7.5 months
期刊介绍: About the journal Home page Contact information Aims and scope Indexing information Editorial policies ComSIS consortium Journal boards Managing board For authors Information for contributors Paper submission Article submission through OJS Copyright transfer form Download section For readers Forthcoming articles Current issue Archive Subscription For reviewers View and review submissions News Journal''s Facebook page Call for special issue New issue notification Aims and scope Computer Science and Information Systems (ComSIS) is an international refereed journal, published in Serbia. The objective of ComSIS is to communicate important research and development results in the areas of computer science, software engineering, and information systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信