CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks

One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacit...

Full description

Saved in:
Bibliographic Details
Main Author: Pinzón Trejos, Cristian (author)
Other Authors: Herrero, Álvaro (author), De Paz, Juan (author), Corchado, Emilio (author), Bajo, Javier (author)
Format: article
Language:English
Published: 2018
Subjects:
Online Access:http://ridda2.utp.ac.pa/handle/123456789/4783
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1869451830966091776
author Pinzón Trejos, Cristian
author2 Herrero, Álvaro
De Paz, Juan
Corchado, Emilio
Bajo, Javier
author2_role author
author
author
author
author_browse Bajo, Javier
Corchado, Emilio
De Paz, Juan
Herrero, Álvaro
Pinzón Trejos, Cristian
author_facet Pinzón Trejos, Cristian
Herrero, Álvaro
De Paz, Juan
Corchado, Emilio
Bajo, Javier
author_role author
collection Repositorio Institucional de documento digitales de acceso abierto de la UTP
dc.creator.none.fl_str_mv Pinzón Trejos, Cristian
Herrero, Álvaro
De Paz, Juan
Corchado, Emilio
Bajo, Javier
dc.date.none.fl_str_mv 06/23/2010
06/23/2010
2018-06-05T19:20:00Z
2018-06-05T19:20:00Z
dc.format.none.fl_str_mv application/pdf
application/pdf
dc.identifier.none.fl_str_mv http://ridda2.utp.ac.pa/handle/123456789/4783
dc.language.none.fl_str_mv eng
eng
dc.rights.none.fl_str_mv https://creativecommons.org/licenses/by-nc-sa/4.0/
info:eu-repo/semantics/openAccess
dc.source.none.fl_str_mv reponame:Repositorio Institucional de documento digitales de acceso abierto de la UTP
instname:Universidad Tecnológica de Panamá
instacron:U Tecnológica de Panamá
dc.subject.none.fl_str_mv SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
dc.title.none.fl_str_mv CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
dc.type.none.fl_str_mv info:eu-repo/semantics/article
info:eu-repo/semantics/publishedVersion
description One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here.
eu_rights_str_mv openAccess
format article
id PA_0d2a8684117b2586d61816dbbcb815cf
instacron_str U Tecnológica de Panamá
institution U Tecnológica de Panamá
instname_str Universidad Tecnológica de Panamá
language eng
network_acronym_str PA
network_name_str oai la ref anni2
oai_identifier_str oai:ridda2.utp.ac.pa:123456789/4783
publishDate 2018
publishDateSort 2018
reponame_str Repositorio Institucional de documento digitales de acceso abierto de la UTP
repository.mail.fl_str_mv
repository.name.fl_str_mv
repository_id_str
rights_invalid_str_mv https://creativecommons.org/licenses/by-nc-sa/4.0/
spelling CBRid4SQL: A CBR Intrusion Detector for SQL Injection AttacksPinzón Trejos, CristianHerrero, ÁlvaroDe Paz, JuanCorchado, EmilioBajo, JavierSQL InjectionIntrusion DetectionCBRSVMNeural NetworksSQL InjectionIntrusion DetectionCBRSVMNeural NetworksOne of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here.One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a neuronal network together with a Support Vector Machine in order to classify the received SQL queries in the most reliable way. Finally, a visualisation neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The Classifier Agent was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented here.2018-06-05T19:20:00Z2018-06-05T19:20:00Z06/23/201006/23/2010info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfapplication/pdfhttp://ridda2.utp.ac.pa/handle/123456789/4783engenghttps://creativecommons.org/licenses/by-nc-sa/4.0/info:eu-repo/semantics/openAccessreponame:Repositorio Institucional de documento digitales de acceso abierto de la UTPinstname:Universidad Tecnológica de Panamáinstacron:U Tecnológica de Panamáoai:ridda2.utp.ac.pa:123456789/47832021-07-06T15:35:05Z
spellingShingle CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
Pinzón Trejos, Cristian
SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
status_str publishedVersion
title CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_full CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_fullStr CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_full_unstemmed CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_short CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
title_sort CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks
topic SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
SQL Injection
Intrusion Detection
CBR
SVM
Neural Networks
url http://ridda2.utp.ac.pa/handle/123456789/4783