CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks

One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacit...

Descripción completa

Detalles Bibliográficos
Autores: Pinzón Trejos, Cristian, Herrero, Álvaro, De Paz, Juan, Corchado, Emilio, Bajo, Javier
Tipo de recurso: artículo
Estado:Versión publicada
Fecha de publicación:2018
País:Panamá
Institución:Universidad Tecnológica de Panamá
Repositorio:Repositorio Institucional de documento digitales de acceso abierto de la UTP
Idioma:inglés
OAI Identifier:oai:ridda2.utp.ac.pa:123456789/4783
Acceso en línea:http://ridda2.utp.ac.pa/handle/123456789/4783
Access Level:acceso abierto
Palabra clave:SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
Descripción
Sumario:One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here.