Title :
Evaluation of Anomaly Based Character Distribution Models in the Detection of SQL Injection Attacks
Author :
Kiani, Mehdi ; Clark, Andrew ; Mohay, George
Author_Institution :
Inf. Security Inst., Queensland Univ. of Technol., Brisbane, QLD
Abstract :
The ubiquity of Web applications has led to an increased focus on the development of attacks targeting these applications. One particular type of attack that has recently become prominent is the SQL injection attack. SQL injection attacks can potentially result in unauthorized access to confidential information stored in a backend database. In this paper we describe an anomaly based approach which utilizes the character distribution of certain sections of HTTP requests to detect previously unseen SQL injection attacks. Our approach requires no user interaction, and no modification of or access to, either the backend database or the source code of the web application itself. Our practical results suggest that the model proposed in this paper is superior to existing models at detecting SQL injection attacks. We also evaluate the effectiveness of our model at detecting different types of SQL injection attacks.
Keywords :
Internet; SQL; security of data; SQL injection attack detection; anomaly based character distribution models; backend database; Australia; Availability; Buffer overflow; Databases; Information security; Intrusion detection; Libraries; Production; Protocols; Web server; Anomaly Based Intrusion Detection System; SQL injection;
Conference_Titel :
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-0-7695-3102-1
DOI :
10.1109/ARES.2008.123
