A Learning-based Neural Network Model for the Detection and Classification of SQL Injection Attacks

Structured Query Language injection (SQLi) attack is a code injection technique where hackers inject SQL commands into a database via a vulnerable web application. Injected SQL commands can modify the back-end SQL database and thus compromise the security of a web application. In the previous publications, the author has proposed a Neural Network (NN)-based model for detections and classifications of the SQLi attacks. The proposed model was built from three elements: 1) a Uniform Resource Locator (URL) generator, 2) a URL classifier, and 3) a NN model. The proposed model was successful to: 1) detect each generated URL as either a benign URL or a malicious, and 2) identify the type of SQLi attack for each malicious URL. The published results proved the effectiveness of the proposal. In this paper, the author re-evaluates the performance of the proposal through two scenarios using controversial data sets. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed model in terms of accuracy, true-positive rate as well as false-positive rate.

MoreLess

Year of publication:	2017
Authors:	Sheykhkanloo, Naghmeh Moradpoor
Published in:	International Journal of Cyber Warfare and Terrorism (IJCWT). - IGI Global, ISSN 1947-3443, ZDB-ID 2703180-9. - Vol. 7.2017, 2 (01.04.), p. 16-41
Publisher:	IGI Global
Subject:	Artificial Intelligence \| Databases \| Intrusion Detection \| Machine Learning \| Neural Networks \| SQL Injection Attacks \| Web Attacks

Online Resource

Check full text access |

More access options

doi.org

Check Google Scholar

In libraries world-wide (WorldCat)

In German libraries (KVK)

subito order

I need help

More details

Type of publication:	Article
Language:	English
Other identifiers:	10.4018/IJCWT.2017040102 [DOI]
Source:	Other ZBW resources

Persistent link: https://www.econbiz.de/10012043885