CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks

One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacit...

Descripción completa

Autores Principales: Pinzón Trejos, Cristian, Herrero, Álvaro, De Paz, Juan, Corchado, Emilio, Bajo, Javier
Formato: Artículo
Idioma: Inglés
Inglés
Publicado: 2018
Materias:
CBR
SVM
Acceso en línea: http://ridda2.utp.ac.pa/handle/123456789/4783
id RepoUTP4783
recordtype dspace
spelling RepoUTP47832021-07-06T15:35:05Z CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks Pinzón Trejos, Cristian Herrero, Álvaro De Paz, Juan Corchado, Emilio Bajo, Javier SQL Injection Intrusion Detection CBR SVM Neural Networks SQL Injection Intrusion Detection CBR SVM Neural Networks One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here. One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here. 2018-06-05T19:20:00Z 2018-06-05T19:20:00Z 06/23/2010 06/23/2010 info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion http://ridda2.utp.ac.pa/handle/123456789/4783 eng eng https://creativecommons.org/licenses/by-nc-sa/4.0/ info:eu-repo/semantics/openAccess application/pdf application/pdf
institution Universidad Tecnológica de Panamá
collection Repositorio UTP – Ridda2
language Inglés
Inglés
topic SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
spellingShingle SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
Pinzón Trejos, Cristian
Herrero, Álvaro
De Paz, Juan
Corchado, Emilio
Bajo, Javier
CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
description One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here.
format Artículo
author Pinzón Trejos, Cristian
Herrero, Álvaro
De Paz, Juan
Corchado, Emilio
Bajo, Javier
author_sort Pinzón Trejos, Cristian
title CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_short CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_full CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_fullStr CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_full_unstemmed CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_sort cbrid4sql: a cbr intrusion detector for sql injection attacks
publishDate 2018
url http://ridda2.utp.ac.pa/handle/123456789/4783
_version_ 1785813575026081792
score 12.140644