AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , , , |
| Format: | article |
| Language: | English |
| Published: |
2018
|
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/abstract/document/5600026/ http://ridda2.utp.ac.pa/handle/123456789/4782 |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1869451860422688768 |
|---|---|
| author | Pinzón Trejos, Cristian |
| author2 | De Paz, Juan Bajo, Javier Herrero, Álvaro Herrero, Emilio |
| author2_role | author author author author |
| author_browse | Bajo, Javier De Paz, Juan Herrero, Emilio Herrero, Álvaro Pinzón Trejos, Cristian |
| author_facet | Pinzón Trejos, Cristian De Paz, Juan Bajo, Javier Herrero, Álvaro Herrero, Emilio |
| author_role | author |
| collection | Repositorio Institucional de documento digitales de acceso abierto de la UTP |
| dc.creator.none.fl_str_mv | Pinzón Trejos, Cristian De Paz, Juan Bajo, Javier Herrero, Álvaro Herrero, Emilio |
| dc.date.none.fl_str_mv | 08/23/2010 08/23/2010 2018-06-05T19:12:13Z 2018-06-05T19:12:13Z 2018-06-05T19:12:13Z 2018-06-05T19:12:13Z |
| dc.format.none.fl_str_mv | application/pdf text/html |
| dc.identifier.none.fl_str_mv | https://ieeexplore.ieee.org/abstract/document/5600026/ http://ridda2.utp.ac.pa/handle/123456789/4782 http://ridda2.utp.ac.pa/handle/123456789/4782 |
| dc.language.none.fl_str_mv | eng |
| dc.rights.none.fl_str_mv | info:eu-repo/semantics/embargoedAccess |
| dc.source.none.fl_str_mv | reponame:Repositorio Institucional de documento digitales de acceso abierto de la UTP instname:Universidad Tecnológica de Panamá instacron:U Tecnológica de Panamá |
| dc.subject.none.fl_str_mv | Intrusion Detection Agent Case-Based Reasoning Support Vector Machine Artificial Neural Network SQL Injection Intrusion Detection Agent Case-Based Reasoning Support Vector Machine Artificial Neural Network SQL Injection |
| dc.title.none.fl_str_mv | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| dc.type.none.fl_str_mv | info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion |
| description | SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice. |
| eu_rights_str_mv | embargoedAccess |
| format | article |
| id | PA_7930c834fdad4e944fe4de4b1cb928ee |
| instacron_str | U Tecnológica de Panamá |
| institution | U Tecnológica de Panamá |
| instname_str | Universidad Tecnológica de Panamá |
| language | eng |
| network_acronym_str | PA |
| network_name_str | oai la ref anni2 |
| oai_identifier_str | oai:ridda2.utp.ac.pa:123456789/4782 |
| publishDate | 2018 |
| publishDateSort | 2018 |
| reponame_str | Repositorio Institucional de documento digitales de acceso abierto de la UTP |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacksPinzón Trejos, CristianDe Paz, JuanBajo, JavierHerrero, ÁlvaroHerrero, EmilioIntrusion DetectionAgentCase-Based ReasoningSupport Vector MachineArtificial Neural NetworkSQL InjectionIntrusion DetectionAgentCase-Based ReasoningSupport Vector MachineArtificial Neural NetworkSQL InjectionSQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.2018-06-05T19:12:13Z2018-06-05T19:12:13Z2018-06-05T19:12:13Z2018-06-05T19:12:13Z08/23/201008/23/2010info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdftext/htmlhttps://ieeexplore.ieee.org/abstract/document/5600026/http://ridda2.utp.ac.pa/handle/123456789/4782http://ridda2.utp.ac.pa/handle/123456789/4782enginfo:eu-repo/semantics/embargoedAccessreponame:Repositorio Institucional de documento digitales de acceso abierto de la UTPinstname:Universidad Tecnológica de Panamáinstacron:U Tecnológica de Panamáoai:ridda2.utp.ac.pa:123456789/47822021-07-06T15:35:05Z |
| spellingShingle | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks Pinzón Trejos, Cristian Intrusion Detection Agent Case-Based Reasoning Support Vector Machine Artificial Neural Network SQL Injection Intrusion Detection Agent Case-Based Reasoning Support Vector Machine Artificial Neural Network SQL Injection |
| status_str | publishedVersion |
| title | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| title_full | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| title_fullStr | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| title_full_unstemmed | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| title_short | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| title_sort | AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks |
| topic | Intrusion Detection Agent Case-Based Reasoning Support Vector Machine Artificial Neural Network SQL Injection Intrusion Detection Agent Case-Based Reasoning Support Vector Machine Artificial Neural Network SQL Injection |
| url | https://ieeexplore.ieee.org/abstract/document/5600026/ http://ridda2.utp.ac.pa/handle/123456789/4782 |