a b s t r a c tThis study presents a multiagent architecture aimed at detecting SQL injection attacks, which are one of the most prevalent threats for modern databases. The proposed architecture is based on a hierarchical and distributed strategy where the functionalities are structured on layers. SQL-injection attacks, one of the most dangerous attacks to online databases, are the focus of this research. The agents in each one of the layers are specialized in specific tasks, such as data gathering, data classification, and visualization. This study presents two key agents under a hybrid architecture: a classifier agent that incorporates a Case-Based Reasoning engine employing advanced algorithms in the reasoning cycle stages, and a visualizer agent that integrates several techniques to facilitate the visual analysis of suspicious queries. The former incorporates a new classification model based on a mixture of a neural network and a Support Vector Machine in order to classify SQL queries in a reliable way. The latter combines clustering and neural projection techniques to support the visual analysis and identification of target attacks. The proposed approach was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented in this paper.
Your article is protected by copyright and all rights are held exclusively by Springer-Verlag London Limited. This e-offprint is for personal use only and shall not be self-archived in electronic repositories. If you wish to selfarchive your work, please use the accepted author's version for posting to your own website or your institution's repository. You may further deposit the accepted author's version on a funder's repository at a funder's request, provided it is not made publicly available until 12 months after publication.
The availability of services can be comprimised if a service request sent to the web services server hides some form of attack within its contents. This article presents AIDeM (An Agent-Based Intrusion Detection Mechanism), an adaptive solution for dealing with DoS attacks in Web service environments. The solution proposes a two phased mechanism in which each phase incorporates a special type of CBR-BDI agent that functions as a classifier. In the first phase, a case-based reasoning (CBR) engine utilizes a Naïves Bayes strategy to carry out an initial filter, and in the second phase, a CBR engine incorporates a neural network to complete the classification mechanism. AIDeM has been applied within the FUSION@ architecture to improve its current security mechanism. A prototype of the architecture was developed and applied to a case study. The results obtained are presented in this study.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.