Machine Learning Blunts the Needle of Advanced SQL Injections

Volkova, Marina; Chmelar, Petr; Sobotka, Lukas

doi:10.13164/mendel.2019.1.023

Cited by 4 publications

(5 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…With the assistance of IDSs, [107] and [108] presented different approaches. For instance, Ross et al [107] work by capturing request data in two points: first in web application using snort IDS and save data in PCAP file.…”

Section: ) Sql Injectionmentioning

confidence: 99%

“…These two datasets process using bash shell scripts and save into one file to create the correlated dataset. Volkova et al [108] applied ML approaches for identifying SQLI in the HTTP query string. They compare results from SVMs, Rule-based IDS, Neural Network with Dropout layers, Multilayer Perceptron (MLP), and Deep Sequential Models (Gated Recurrent Units, and Long Short-Term Memory) using bag-of-word techniques, word embedding for query string vectorization, and multiple string analysis.…”

Section: ) Sql Injectionmentioning

confidence: 99%

See 1 more Smart Citation

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Faisal

Elshoush

2023

IEEE Access

View full text Add to dashboard Cite

In recent years, huge increase in attacks and data breaches is noticed. Most of the attacks are performed and focused on the vulnerabilities related to web applications. Hence, nowadays the mitigation of application vulnerabilities is an ignited research area. Thus, due to the potential high severity impacts of web application, many different approaches have been proposed in the past decades to mitigate the damages of application vulnerabilities. Static and dynamic analysis are the two main techniques used. In this paper, a new classification for web application input validation vulnerabilities is proffered. In addition, various techniques/tools that are used to detect them are analyzed and evaluated to apprehend their strengths and weaknesses. Thus, this paper provides both technical as well as literature countermeasures to input validation vulnerabilities. Moreover, various statistical distributions of the reviewed techniques were manifested and scrutinize in different aspects to reveal the perception of the prevailing techniques and the gaps in the literature. In addition, the most widespread metrics are also propounded.

show abstract

Section: ) Sql Injectionmentioning

confidence: 99%

Section: ) Sql Injectionmentioning

confidence: 99%

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Faisal

Elshoush

2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…The extracted feature is then accepted by the ML classifier, which trains the model to identify the injected query. The SVM [103,104], DT, NB [73,105,106], and other algorithms in ML techniques [75,[107][108][109][110][111] are used to solve classification algorithms. The trained model passes all stages such as preprocessing and feature extraction.…”

Section: Nature Of Attack Recommended Techniquementioning

confidence: 99%

Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques

Demilie¹,

Deriba²

2022

J Big Data

View full text Add to dashboard Cite

A web application is a software system that provides an interface to its users through a web browser on any operating system (OS). Despite their growing popularity, web application security threats have become more diverse, resulting in more severe damage. Malware attacks, particularly SQLI attacks, are common in poorly designed web applications. This vulnerability has been known for more than two decades and is still a source of concern. Accordingly, different techniques have been proposed to counter SQLI attacks. However, the majority of them either fail to cover the entire scope of the problem. The structured query language injection (SQLI) attack is among the most harmful online application attacks and often happens when the attacker(s) alter (modify), remove (delete), read, and copy data from database servers. All facets of security, including confidentiality, data integrity, and data availability, can be impacted by a successful SQLI attack. This paper investigates common SQLI attack forms, mechanisms, and a method of identifying, detecting, and preventing them based on the existence of the SQL query. Here, we have developed a comprehensive framework for detecting and preventing the effectiveness of techniques that address specific issues following the essence of the SQLI attacks by using traditional Navies Bayes (NB), Decision Trees (DT), Support Vectors Machine (SVM), Random Forests (RF), Logistic Regression (LR), and Neural Networks Based on Multilayer Perceptron (MLP), and hybrid approach are used for our study. The machine learning (ML) algorithms were implemented using the Keras library, while the classical methods were implemented using the Tensor Flow-Learn package. For this proposed research work, we gathered 54,306 pieces of data from weblogs, cookies, session usage, and from HTTP (S) request files to train and test our model. The performance evaluation results for training set in metrics such as the hybrid approach (ANN and SVM) perform better accuracies in precision (99.05% and 99.54%), recall (99.65% and 99.61%), f1-score (99.35% and 99.57%), and training set (99.20% and 99.60%) respectively than other ML approaches. However, their training time is too high (i.e., 19.62 and 26.16 s respectively) for NB and RF. Accordingly, the NB technique performs poorly in accuracy, precision, recall, f1-score, training set evaluation metrics, and best in training time. Additionally, the performance evaluation results for test set in metrics such as hybrid approach (ANN and SVM) perform better accuracies in precision (98.87% and 99.20%), recall (99.13% and 99.47%), f1-score (99.00% and 99.33%) and test set (98.70% and 99.40%) respectively than other ML approaches. However, their test time is too high (i.e., 11.76 and 15.33 ms respectively). Accordingly, the NB technique performs poorly in accuracy, precision, recall, f1-score, test set evaluation metrics, and best in training time. Here, among the implemented ML techniques, SVM and ANN are weak learners. The achieved performance evaluation results indicated that the proposed SQLI attack detection and prevention mechanism has been improved over the previously implemented techniques in the theme. Finally, in this paper, we aimed to keep researchers up-to-date, with contributions, and recommendations to the understanding of the intersection between SQLI attacks and prevention in the artificial intelligence (AI) field.

show abstract

“…11 explains ZAP has obtained and collected the results as evidence of response messages that come from scanning the Application, so the scanning process using ZAP will explain to us about valuable information relating to vulnerabilities. 11 https://en.wikipedia.org/wiki/Apache_HTTP_Server 12 https://en.wikipedia.org/wiki/MySQL 13 https://en.wikipedia.org/wiki/Web_application 14 https://en.wikipedia.org/wiki/XAMPP 2) Arachni reports as a whole that recorded on the results of the webserver scan with a report explaining starting from the base URL to the web application directory in Fig. 12.…”

Section: B Examinationmentioning

confidence: 99%

“…Even though the web server is physically protected, web applications that run in the environment are not protected from attacks through computer networks. The attacks referred to according to OWASP Top 10-2017 among other things, Injection Weaknesses such as SQL injection 5 , NoSQL 6 , OS 7 , and LDAP 8 are caused when fake data is sent to the server as part of the order [11].…”

Section: Introductionmentioning

confidence: 99%

Vulnerability Analysis of E-voting Application using Open Web Application Security Project (OWASP) Framework

Sunardi¹,

Riadi²,

Raharja³

2019

IJACSA

View full text Add to dashboard Cite

This paper reports on security concerns in the Evoting used for the election of village heads. Analysis of the system and server uses two different tools to determine the accuracy of scanning vulnerabilities based on the OWASP Framework. We reported that the results of the scanning using the ZAP tool got vulnerability information with the following risk level, one high level, three medium levels, and eleven low levels. The Arachni tool got vulnerability information with the following risk level, one high level, three medium levels, and two low levels. ZAP has a more complex vulnerability view than Arachni. Fatal findings on E-voting in this E-voting system is XSS, which impacts clients, which can be exploited by attackers to bypass security. Directory Traversal allows attackers to access directories and can execute commands outside of the web server's base directory. Cyber Hiscox Readiness report in 2018 in several European countries such as The United States, Britain, Germany, Spain, and the Netherlands, that the Attackers target through the most vulnerable security holes such as injection, Broken Authentication, Sensitive Data Exposure, XXE, Merged, Security Misconfiguration, XSS, Insecure Deserialization, Using Components with Known Vulnerabilities, Insufficient Logging, and Monitoring. The purpose of cyberattacks alone can threaten the stability of the country and disturb other factors. E-voting, as part of an electronic government system, needs to be audited in terms of security, which can cause the system to disrupt.

show abstract

Machine Learning Blunts the Needle of Advanced SQL Injections

Cited by 4 publications

References 14 publications

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques

Vulnerability Analysis of E-voting Application using Open Web Application Security Project (OWASP) Framework

Contact Info

Product

Resources

About