Title :
A New Database Firewall Based on Anomaly Detection
Author :
Sun, Jianhua ; Chen, Hao ; Niu, Chunmei
Author_Institution :
Sch. of Comput. & Commun., Hunan Univ., Changsha, China
Abstract :
We present here a data-base firewall to prevent from attacks against MySQL back-end data-base of web applications. It works as a data-base connection proxy, which means that the web applications connect to the DB-FW rather than the original MySQL server directly. The firewall listens SQL query requests from the client as well as analyzes them, and then if they are safe, will call the original MySQL server to execute the queries, else will block the queries and return an empty result to the client. It can be configured to work under different ways. Here we use a special method to analyze the SQL queries, not only analyzes the structure of the queries but also the user inputs with some models, all of which allow for the detection of known and unknown attacks with low false positives and false negatives. From the experiments, we can see that it has a low performance overhead.
Keywords :
SQL; authorisation; MySQL back-end database; anomaly detection; database firewall; original MySQL server; Data models; Feature extraction; Fires; Numerical models; Performance evaluation; Security; Servers; anomaly detection; data-base firewall; data-base security; firewall;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies (PDCAT), 2010 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-9110-0
Electronic_ISBN :
978-0-7695-4287-4
DOI :
10.1109/PDCAT.2010.71
