Title :
Detecting SQL injection attacks using SNORT IDS
Author :
Alnabulsi, Hussein ; Islam, Md Rafiqul ; Mamun, Quazi
Author_Institution :
Sch. of Comp & Math., Charles Start Univ., Albury, NSW, Australia
Abstract :
SQL injection attack poses a serious security threats among the Internet community nowadays and it´s continue to increase exploiting flaws found in the Web applications. In SQL injection attack, the attackers can take advantage of poorly coded web application software to introduce malicious code into the system and/or could retrieve important information. Web applications are under siege from cyber criminals seeking to steal confidential information and disable or damage the services offered by these application. Therefore, additional steps must be taken to ensure data security and integrity of the applications. In this paper we propose an innovative solution to filter the SQL injection attack using SNORT IDS. The proposed detection technique uses SNORT tool by augmenting a number of additional SNORT rules. We evaluate the proposed solution by comparing our method with several existing techniques. Experimental results demonstrate that the proposed method outperforms other similar techniques using the same data set.
Keywords :
Internet; SQL; computer crime; data integrity; Internet community; SNORT IDS; SNORT rules; SNORT tool; SQL injection attack detection; Web applications; confidential information; cyber criminals; data integrity; data security; information retrieval; malicious code; poorly coded Web application software; serious security threat; Communities; Databases; Educational institutions; Internet; Intrusion detection; Testing; Intrusion detection; SNORT; SQL Injection; topology;
Conference_Titel :
Computer Science and Engineering (APWC on CSE), 2014 Asia-Pacific World Congress on
Print_ISBN :
978-1-4799-1955-0
DOI :
10.1109/APWCCSE.2014.7053873
