Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IEEEARES
2008
IEEE
2008
IEEE
Evaluation of Anomaly Based Character Distribution Models in the Detection of SQL Injection Attacks
The ubiquity of web applications has led to an increased focus on the development of attacks targeting these applications. One particular type of attack that has recently become prominent is the SQL injection attack. SQL injection attacks can potentially result in unauthorized access to confidential information stored in a backend database. In this paper we describe an anomaly based approach which utilizes the character distribution of certain sections of HTTP requests to detect previously unseen SQL injection attacks. Our approach requires no user interaction, and no modification of, or access to, either the backend database or the source code of the web application itself. Our practical results suggest that the model proposed in this paper is superior to existing models at detecting SQL injection attacks. We also evaluate the effectiveness of our model at detecting different types of SQL injection attacks.
Real-time TrafficBackend Database | IEEEARES 2008 | Security Privacy | SQL Injection Attacks | Unseen Sql Injection |
| Added | 31 May 2010 |
| Updated | 31 May 2010 |
| Type | Conference |
| Year | 2008 |
| Where | IEEEARES |
| Authors | Mehdi Kiani, Andrew Clark, George M. Mohay |
Comments (0)
Researcher Info
|
