Log In Sign Up

Intrusion Detection Framework for SQL Injection

by   Israr Ali, et al.

In this era of internet, E-Business and e-commerce applications are using Databases as their integral part. These Databases irrespective of the technology used are vulnerable to SQL injection attacks. These Attacks are considered very dangerous as well as very easy to use for attackers and intruders. In this paper, we are proposing a new approach to detect intrusion from attackers by using SQL injection. The main idea of our proposed solution is to create trusted user profiles fetched from the Queries submitted by authorized users by using association rules. After that we will use a hybrid (anomaly + misuse) detection model which will depend on data mining techniques to detect queries that deviates from our normal behavior profile. The normal behavior profile will be created in XML format. In this way we can minimize false positive alarms.


page 1

page 2

page 3


Automatic firewall rules generator for anomaly detection systems with Apriori algorithm

Network intrusion detection systems have become a crucial issue for comp...

Spinner: Automated Dynamic Command Subsystem Perturbation

Injection attacks have been a major threat to web applications. Despite ...

Fuzzy neural networks to create an expert system for detecting attacks by SQL Injection

Its constant technological evolution characterizes the contemporary worl...

Simulating SQL Injection Vulnerability Exploitation Using Q-Learning Reinforcement Learning Agents

In this paper, we propose a first formalization of the process of exploi...

DNS Covert Channel Detection via Behavioral Analysis: a Machine Learning Approach

Detecting covert channels among legitimate traffic represents a severe c...

Collaborative SQL-injections detection system with machine learning

Data mining and information extraction from data is a field that has gai...