SQL injection attack detection using fingerprints and pattern matching technique
Title | SQL injection attack detection using fingerprints and pattern matching technique |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Appiah, B., Opoku-Mensah, E., Qin, Z. |
Conference Name | 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS) |
Keywords | attack signatures, Collaboration, computer network security, Databases, Engines, fingerprint method, Fingerprint recognition, fingerprinting method, Human Behavior, Internet, intranet, Open Web Application Security Project Top Ten Cheat sheet, OWASP, password, Pattern matching, pattern matching technique, policy, policy-based governance, Policy-Governed Secure Collaboration, privacy, Programming, pubcrawl, Resiliency, SQL, SQL Injection, SQL Injection Attack Detection, SQL injection attack detection framework, SQL Injection attacks, SQL injection detection approaches, SQL queries, String Search, Web-based applications |
Abstract | Web-based applications are becoming increasingly technically complex and sophisticated. The very nature of their feature-rich design and their capability to collate, process, and disseminate information over the Internet or from within an intranet makes them a popular target for attack. According to the Open Web Application Security Project (OWASP) Top Ten Cheat sheet-2017, SQL Injection Attack is at peak among online attacks. This can be attributed primarily to a lack of awareness of software security. Developing effective SQL injection detection approaches has been a challenge in spite of extensive research in this area. In this paper, we propose a signature-based SQL injection attack detection framework by integrating the fingerprinting method and Pattern Matching to distinguish genuine SQL queries from malicious queries. Our framework monitors SQL queries to the database and compares them against a dataset of signatures from known SQL injection attacks. If the fingerprint method cannot determine the legitimacy of a query alone, then the Aho-Corasick algorithm is invoked to ascertain whether attack signatures appear in the queries. The initial experimental results of our framework indicate the approach can identify a wide variety of SQL injection attacks with negligible impact on performance. |
URL | https://ieeexplore.ieee.org/document/8342983 |
DOI | 10.1109/ICSESS.2017.8342983 |
Citation Key | appiah_sql_2017 |