Collaborative SQL-injections detection system with machine learning

09/14/2022
by M Lodeiro-Santiago, et al.

Data mining and information extraction is a field that has gained relevance in recent years thanks to techniques based on artificial intelligence and the use of machine learning and deep learning. The main aim of the present work is the development of a tool, based on a previous study of the behaviour of security audit tools (oriented to SQL pentesting), in order to create test sets that allow accurate detection of a SQL attack. The study is based on information collected from the web server logs generated in a pentesting laboratory environment. Using the common patterns extracted from the logs, each attack vector has been classified into risk levels (dangerous attack, normal attack, non-attack, etc.). Finally, a classifier was trained on the generated data; its performance varies between 97 and 99 percent in positive attack detection. The training data is shared with other servers in order to create a distributed network capable of deciding whether a query is an attack or a legitimate request, and of informing connected clients so that they can block requests from the attacker's IP.

