AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks

SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent...

Descripción completa

Detalles Bibliográficos
Autores: Pinzón Trejos, Cristian, De Paz, Juan, Bajo, Javier, Herrero, Álvaro, Herrero, Emilio
Tipo de recurso: artículo
Estado:Versión publicada
Fecha de publicación:2018
País:Panamá
Institución:Universidad Tecnológica de Panamá
Repositorio:Repositorio Institucional de documento digitales de acceso abierto de la UTP
Idioma:inglés
OAI Identifier:oai:ridda2.utp.ac.pa:123456789/4782
Acceso en línea:https://ieeexplore.ieee.org/abstract/document/5600026/
http://ridda2.utp.ac.pa/handle/123456789/4782
Access Level:acceso embargado
Palabra clave:Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
id PA_7930c834fdad4e944fe4de4b1cb928ee
oai_identifier_str oai:ridda2.utp.ac.pa:123456789/4782
network_acronym_str PA
network_name_str Panamá
repository_id_str
spelling AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacksPinzón Trejos, CristianDe Paz, JuanBajo, JavierHerrero, ÁlvaroHerrero, EmilioIntrusion DetectionAgentCase-Based ReasoningSupport Vector MachineArtificial Neural NetworkSQL InjectionIntrusion DetectionAgentCase-Based ReasoningSupport Vector MachineArtificial Neural NetworkSQL InjectionSQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.2018-06-05T19:12:13Z2018-06-05T19:12:13Z2018-06-05T19:12:13Z2018-06-05T19:12:13Z08/23/201008/23/2010info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdftext/htmlhttps://ieeexplore.ieee.org/abstract/document/5600026/http://ridda2.utp.ac.pa/handle/123456789/4782http://ridda2.utp.ac.pa/handle/123456789/4782enginfo:eu-repo/semantics/embargoedAccessreponame:Repositorio Institucional de documento digitales de acceso abierto de la UTPinstname:Universidad Tecnológica de Panamáinstacron:U Tecnológica de Panamáoai:ridda2.utp.ac.pa:123456789/47822021-07-06T15:35:05Z
dc.title.none.fl_str_mv AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
spellingShingle AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
Pinzón Trejos, Cristian
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
title_short AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_full AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_fullStr AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_full_unstemmed AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_sort AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
dc.creator.none.fl_str_mv Pinzón Trejos, Cristian
De Paz, Juan
Bajo, Javier
Herrero, Álvaro
Herrero, Emilio
author Pinzón Trejos, Cristian
author_facet Pinzón Trejos, Cristian
De Paz, Juan
Bajo, Javier
Herrero, Álvaro
Herrero, Emilio
author_role author
author2 De Paz, Juan
Bajo, Javier
Herrero, Álvaro
Herrero, Emilio
author2_role author
author
author
author
dc.subject.none.fl_str_mv Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
topic Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
description SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.
publishDate 2018
dc.date.none.fl_str_mv 08/23/2010
08/23/2010
2018-06-05T19:12:13Z
2018-06-05T19:12:13Z
2018-06-05T19:12:13Z
2018-06-05T19:12:13Z
dc.type.none.fl_str_mv info:eu-repo/semantics/article
info:eu-repo/semantics/publishedVersion
format article
status_str publishedVersion
dc.identifier.none.fl_str_mv https://ieeexplore.ieee.org/abstract/document/5600026/
http://ridda2.utp.ac.pa/handle/123456789/4782
http://ridda2.utp.ac.pa/handle/123456789/4782
url https://ieeexplore.ieee.org/abstract/document/5600026/
http://ridda2.utp.ac.pa/handle/123456789/4782
dc.language.none.fl_str_mv eng
language eng
dc.rights.none.fl_str_mv info:eu-repo/semantics/embargoedAccess
eu_rights_str_mv embargoedAccess
dc.format.none.fl_str_mv application/pdf
text/html
dc.source.none.fl_str_mv reponame:Repositorio Institucional de documento digitales de acceso abierto de la UTP
instname:Universidad Tecnológica de Panamá
instacron:U Tecnológica de Panamá
instname_str Universidad Tecnológica de Panamá
instacron_str U Tecnológica de Panamá
institution U Tecnológica de Panamá
reponame_str Repositorio Institucional de documento digitales de acceso abierto de la UTP
collection Repositorio Institucional de documento digitales de acceso abierto de la UTP
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1795886104716509184
score 15,812429