SQL Injection Attacks Detection &amp; Prevention Techniques

Yigit, Gulsum; Arnavutoğlu, Merve

doi:10.7763/ijcte.2017.v9.1165

Cited by 11 publications

(6 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…En la fase estática, según [32], las consultas SQL generadas por el usuario son comparados con una lista de patrones que contienen una muestra de los patrones de ataque más conocidos. Si la sentencia SQL concuerda exactamente con uno de los patrones dados en la lista de patrones estáticos, significa que se está intentando un ataque SQL.…”

Section: Discussionunclassified

Análisis de vulnerabilidades con SQLMAP aplicada a entornos APEX 5

Crespo-Martínez

2020

Ingenius

View full text Add to dashboard Cite

Las bases de datos son usualmente los principales objetivos de un ataque, específicamente por la información que en ella reside, ya que, de acuerdo con Druker, la información es poder. En este trabajo se realizan las pruebas de vulnerabilidad de la base de datos de un software ERP desarrollado en APEX 5. Para ello, se utilizan herramientas FOSS de prueba y análisis de vulnerabilidades de bases de datos, identificando que las sesiones que utiliza ERP basada en Oracle APEX son realizadas de manera aleatoria y que, además, son nuevamente generadas en determinados momentos. Se concluye que, con las pruebas aplicadas y las actualizaciones de SQLMAP a la fecha del experimento, no se ha conseguido vulnerar el software ERP con técnicas de inyección SQL.

show abstract

Section: Discussionunclassified

Análisis de vulnerabilidades con SQLMAP aplicada a entornos APEX 5

Crespo-Martínez

2020

Ingenius

View full text Add to dashboard Cite

show abstract

“…The attacker attempts to use a conditional query argument to test always true in the tautology attack, such as (1 = 1) or (− −). The attacker injects the condition and transforms it into a tautology that is always valid using the WHERE clause [91,92]. This type of attack is commonly used to access databases without requiring authentication on websites [1].…”

Section: Tautology Attackmentioning

confidence: 99%

Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques

Demilie¹,

Deriba²

2022

J Big Data

View full text Add to dashboard Cite

A web application is a software system that provides an interface to its users through a web browser on any operating system (OS). Despite their growing popularity, web application security threats have become more diverse, resulting in more severe damage. Malware attacks, particularly SQLI attacks, are common in poorly designed web applications. This vulnerability has been known for more than two decades and is still a source of concern. Accordingly, different techniques have been proposed to counter SQLI attacks. However, the majority of them either fail to cover the entire scope of the problem. The structured query language injection (SQLI) attack is among the most harmful online application attacks and often happens when the attacker(s) alter (modify), remove (delete), read, and copy data from database servers. All facets of security, including confidentiality, data integrity, and data availability, can be impacted by a successful SQLI attack. This paper investigates common SQLI attack forms, mechanisms, and a method of identifying, detecting, and preventing them based on the existence of the SQL query. Here, we have developed a comprehensive framework for detecting and preventing the effectiveness of techniques that address specific issues following the essence of the SQLI attacks by using traditional Navies Bayes (NB), Decision Trees (DT), Support Vectors Machine (SVM), Random Forests (RF), Logistic Regression (LR), and Neural Networks Based on Multilayer Perceptron (MLP), and hybrid approach are used for our study. The machine learning (ML) algorithms were implemented using the Keras library, while the classical methods were implemented using the Tensor Flow-Learn package. For this proposed research work, we gathered 54,306 pieces of data from weblogs, cookies, session usage, and from HTTP (S) request files to train and test our model. The performance evaluation results for training set in metrics such as the hybrid approach (ANN and SVM) perform better accuracies in precision (99.05% and 99.54%), recall (99.65% and 99.61%), f1-score (99.35% and 99.57%), and training set (99.20% and 99.60%) respectively than other ML approaches. However, their training time is too high (i.e., 19.62 and 26.16 s respectively) for NB and RF. Accordingly, the NB technique performs poorly in accuracy, precision, recall, f1-score, training set evaluation metrics, and best in training time. Additionally, the performance evaluation results for test set in metrics such as hybrid approach (ANN and SVM) perform better accuracies in precision (98.87% and 99.20%), recall (99.13% and 99.47%), f1-score (99.00% and 99.33%) and test set (98.70% and 99.40%) respectively than other ML approaches. However, their test time is too high (i.e., 11.76 and 15.33 ms respectively). Accordingly, the NB technique performs poorly in accuracy, precision, recall, f1-score, test set evaluation metrics, and best in training time. Here, among the implemented ML techniques, SVM and ANN are weak learners. The achieved performance evaluation results indicated that the proposed SQLI attack detection and prevention mechanism has been improved over the previously implemented techniques in the theme. Finally, in this paper, we aimed to keep researchers up-to-date, with contributions, and recommendations to the understanding of the intersection between SQLI attacks and prevention in the artificial intelligence (AI) field.

show abstract

“…In this attack, the attacker tries to use a conditional question argument to test always true in the tautology attack. The attacker injects the condition and transforms it into a tautology that is always valid using the WHERE clause [41] The most common type of tautology attack, the nature of the attack, and the approach used to detect them is described below in table 1.…”

Section: Tautology Attackmentioning

confidence: 99%

“…Different forms of attack under inference query are shown in table 6 below. Blind SQL injection [41] Collect valuable data by inferring from the page's answers after asking the server a set of true/false questions.…”

Section: Stored Procedures Querymentioning

confidence: 99%

Attacks on SQL Injection and Developing Compressive Framework Using a Hybrid and Machine Learning Approach

Deriba¹,

Kassa²,

Demilie³

2022

Preprint

View full text Add to dashboard Cite

Web applications play an important role in everyday life. Various Web applications are used to carry out billions of online transactions. These applications are vulnerable to attacks due to their extensive use. The most prevalent attack is SQL injection, which accepts user input and runs queries in the backend based on the user's input, returning desired results. To counter the SQL injection attack, various approaches have been offered; however, the majority of them either fail to cover the full breadth of the problem. This research paper looks into frequent SQL injection attack forms, their mechanisms, and a way of identifying them based on the SQL query's existence. We propose a comprehensive framework for determining the effectiveness of techniques that address certain issues following the essence of the attack, using hybrid (Statistic and dynamic) and machine learning. An extensive examination of the model based on a test set indicates that the Hybrid and ANN approaches outperform Naive Bayes, SVM, and Decision trees in terms of accuracy in classifying injected Queries. However, when it came to web loading time during testing, Nave Bayes outperformed. The Hybrid Method improved the accuracy of SQL injection attack prevention, according to the test findings. Although we used a limited dataset for training and testing in our study, it is advised that the dataset be expanded and the model be tested in a real-world setting.

show abstract

SQL Injection Attacks Detection & Prevention Techniques

Cited by 11 publications

References 13 publications

Análisis de vulnerabilidades con SQLMAP aplicada a entornos APEX 5

Análisis de vulnerabilidades con SQLMAP aplicada a entornos APEX 5

Detection and prevention of SQLI attacks and developing compressive framework using machine learning and hybrid techniques

Attacks on SQL Injection and Developing Compressive Framework Using a Hybrid and Machine Learning Approach

Contact Info

Product

Resources

About