AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks

SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent...

Full description

Saved in:
Bibliographic Details
Main Author: Pinzón Trejos, Cristian (author)
Other Authors: De Paz, Juan (author), Bajo, Javier (author), Herrero, Álvaro (author), Herrero, Emilio (author)
Format: article
Language:English
Published: 2018
Subjects:
Online Access:https://ieeexplore.ieee.org/abstract/document/5600026/
http://ridda2.utp.ac.pa/handle/123456789/4782
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1869451860422688768
author Pinzón Trejos, Cristian
author2 De Paz, Juan
Bajo, Javier
Herrero, Álvaro
Herrero, Emilio
author2_role author
author
author
author
author_browse Bajo, Javier
De Paz, Juan
Herrero, Emilio
Herrero, Álvaro
Pinzón Trejos, Cristian
author_facet Pinzón Trejos, Cristian
De Paz, Juan
Bajo, Javier
Herrero, Álvaro
Herrero, Emilio
author_role author
collection Repositorio Institucional de documento digitales de acceso abierto de la UTP
dc.creator.none.fl_str_mv Pinzón Trejos, Cristian
De Paz, Juan
Bajo, Javier
Herrero, Álvaro
Herrero, Emilio
dc.date.none.fl_str_mv 08/23/2010
08/23/2010
2018-06-05T19:12:13Z
2018-06-05T19:12:13Z
2018-06-05T19:12:13Z
2018-06-05T19:12:13Z
dc.format.none.fl_str_mv application/pdf
text/html
dc.identifier.none.fl_str_mv https://ieeexplore.ieee.org/abstract/document/5600026/
http://ridda2.utp.ac.pa/handle/123456789/4782
http://ridda2.utp.ac.pa/handle/123456789/4782
dc.language.none.fl_str_mv eng
dc.rights.none.fl_str_mv info:eu-repo/semantics/embargoedAccess
dc.source.none.fl_str_mv reponame:Repositorio Institucional de documento digitales de acceso abierto de la UTP
instname:Universidad Tecnológica de Panamá
instacron:U Tecnológica de Panamá
dc.subject.none.fl_str_mv Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
dc.title.none.fl_str_mv AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
dc.type.none.fl_str_mv info:eu-repo/semantics/article
info:eu-repo/semantics/publishedVersion
description SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.
eu_rights_str_mv embargoedAccess
format article
id PA_7930c834fdad4e944fe4de4b1cb928ee
instacron_str U Tecnológica de Panamá
institution U Tecnológica de Panamá
instname_str Universidad Tecnológica de Panamá
language eng
network_acronym_str PA
network_name_str oai la ref anni2
oai_identifier_str oai:ridda2.utp.ac.pa:123456789/4782
publishDate 2018
publishDateSort 2018
reponame_str Repositorio Institucional de documento digitales de acceso abierto de la UTP
repository.mail.fl_str_mv
repository.name.fl_str_mv
repository_id_str
spelling AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacksPinzón Trejos, CristianDe Paz, JuanBajo, JavierHerrero, ÁlvaroHerrero, EmilioIntrusion DetectionAgentCase-Based ReasoningSupport Vector MachineArtificial Neural NetworkSQL InjectionIntrusion DetectionAgentCase-Based ReasoningSupport Vector MachineArtificial Neural NetworkSQL InjectionSQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.SQL Injection attacks on web applications have become one of the most important information security concerns over the past few years. This paper presents a hybrid approach based on the Adaptive Intelligent Intrusion Detector Agent (AIIDA-SQL) for the detection of those attacks. The AIIDA-SQL agent incorporates a Case-Based Reasoning (CBR) engine which is equipped with learning and adaptation capabilities for the classification of SQL queries and detection of malicious user requests. To carry out the tasks of attack classification and detection, the agent incorporates advanced algorithms in the reasoning cycle stages. Concretely, an innovative classification model based on a mixture of an Artificial Neuronal Network together with a Support Vector Machine is applied in the reuse stage of the CBR cycle. This strategy enables to classify the received SQL queries in a reliable way. Finally, a projection neural technique is incorporated, which notably eases the revision stage carried out by human experts in the case of suspicious queries. The experimental results obtained on a real-traffic case study show that AIIDA-SQL performs remarkably well in practice.2018-06-05T19:12:13Z2018-06-05T19:12:13Z2018-06-05T19:12:13Z2018-06-05T19:12:13Z08/23/201008/23/2010info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdftext/htmlhttps://ieeexplore.ieee.org/abstract/document/5600026/http://ridda2.utp.ac.pa/handle/123456789/4782http://ridda2.utp.ac.pa/handle/123456789/4782enginfo:eu-repo/semantics/embargoedAccessreponame:Repositorio Institucional de documento digitales de acceso abierto de la UTPinstname:Universidad Tecnológica de Panamáinstacron:U Tecnológica de Panamáoai:ridda2.utp.ac.pa:123456789/47822021-07-06T15:35:05Z
spellingShingle AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
Pinzón Trejos, Cristian
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
status_str publishedVersion
title AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_full AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_fullStr AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_full_unstemmed AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_short AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
title_sort AIIDA-SQL: An Adaptive Intelligent Intrusion Detector Agent for detecting SQL Injection attacks
topic Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
Intrusion Detection
Agent
Case-Based Reasoning
Support Vector Machine
Artificial Neural Network
SQL Injection
url https://ieeexplore.ieee.org/abstract/document/5600026/
http://ridda2.utp.ac.pa/handle/123456789/4782