Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACMSE
2006
ACM
2006
ACM
Application layer intrusion detection for SQL injection
SQL injection attacks potentially affect all applications, especially web applications, that utilize a database backend. While these attacks are generally against the applications and not the database directly, there are some techniques that can be deployed to mitigate the risk at the database server. Database intrusion detection systems are often based on signatures of known exploits and honey tokens, traps set in the database. This paper examines the threat from SQL injection attacks, the reasons traditional database access control is not sufficient to stop them, and some of the techniques used to detect them. Moreover, it proposes a model for an anomalous SQL detector which observes the database traffic from the perspective of the database server itself. The proposed anomaly model can be used in conjunction with the existing methods to give the database server a way to mitigate the SQL injection risk that is a major application security problem. Keywords SQL injection, database s...
Real-time TrafficRelated Content
| Added | 13 Jun 2010 |
| Updated | 13 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | ACMSE |
| Authors | Frank S. Rietta |
Comments (0)
Researcher Info
|
