SiC: An agent based architecture for preventing and detecting attacks to ubiquitous databases
One of the main attacks to ubiquitous databases is the structure query language (SQL) injection attack, which causes severe damages both in the commercial aspect and in the user’s confidence. This chapter proposes the SiC architecture as a solution to the SQL injection attack problem. This is a hier...
| Autores: | , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Estado: | Versión publicada |
| Fecha de publicación: | 2009 |
| País: | Panamá |
| Institución: | Universidad Tecnológica de Panamá |
| Repositorio: | Repositorio Institucional de documento digitales de acceso abierto de la UTP |
| Idioma: | inglés |
| OAI Identifier: | oai:ridda2.utp.ac.pa:123456789/4884 |
| Acceso en línea: | https://link.springer.com/chapter/10.1007/978-1-84882-599-4_11 http://ridda2.utp.ac.pa/handle/123456789/4884 |
| Access Level: | acceso embargado |
| Palabra clave: | SQL injection Security database Intrusion detection system Multiagent Case based reasoning |
| Sumario: | One of the main attacks to ubiquitous databases is the structure query language (SQL) injection attack, which causes severe damages both in the commercial aspect and in the user’s confidence. This chapter proposes the SiC architecture as a solution to the SQL injection attack problem. This is a hierarchical distributed multiagent architecture, which involves an entirely new approach with respect to existing architectures for the prevention and detection of SQL injections. SiC incorporates a kind of intelligent agent, which integrates a case-based reasoning system. This agent, which is the core of the architecture, allows the application of detection techniques based on anomalies as well as those based on patterns, providing a great degree of autonomy, flexibility, robustness and dynamic scalability. The characteristics of the multiagent system allow an architecture to detect attacks from different types of devices, regardless of the physical location. The architecture has been tested on a medical database, guaranteeing safe access from various devices such as PDAs and notebook computers. |
|---|