Mostrar el registro sencillo del ítem
dc.contributor | Escuela de Ingenierias Industrial e Informatica | es_ES |
dc.contributor.author | Crespo Martínez, Ignacio Samuel | |
dc.contributor.author | Campazas Vega, Adrián | |
dc.contributor.author | Guerrero Higueras, Ángel Manuel | |
dc.contributor.author | Riego Del Castillo, Virginia | |
dc.contributor.author | Álvarez Aparicio, Claudia | |
dc.contributor.author | Fernández Llamas, Camino | |
dc.contributor.other | Ingenieria de Sistemas y Automatica | es_ES |
dc.date | 2023 | |
dc.date.accessioned | 2023-01-23T10:59:04Z | |
dc.date.available | 2023-01-23T10:59:04Z | |
dc.identifier.citation | Crespo-Martínez, I. S., Campazas-Vega, A., Guerrero-Higueras, Á. M., Riego-DelCastillo, V., Álvarez-Aparicio, C., & Fernández-Llamas, C. (2023). SQL injection attack detection in network flow data. Computers & Security, 127(103093), 103093. https://doi.org/10.1016/j.cose.2023.103093 | es_ES |
dc.identifier.issn | 0167-4048 | |
dc.identifier.uri | http://hdl.handle.net/10612/15468 | |
dc.description.abstract | [EN] SQL injections rank in the OWASP Top 3. The literature shows that analyzing network datagrams allows for detecting or preventing such attacks. Unfortunately, such detection usually implies studying all packets flowing in a computer network. Therefore, routers in charge of routing significant traffic loads usually cannot apply the solutions proposed in the literature. This work demonstrates that detecting SQL injection attacks on flow data from lightweight protocols is possible. For this purpose, we gathered two datasets collecting flow data from several SQL injection attacks on the most popular database engines. After evaluating several machine learning-based algorithms, we get a detection rate of over 97% with a false alarm rate of less than 0.07% with a Logistic Regression-based model. | es_ES |
dc.language | eng | es_ES |
dc.publisher | Elsevier | es_ES |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Internacional | * |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
dc.subject | Informática | es_ES |
dc.subject | Ingenierías | es_ES |
dc.subject.other | Ensamble learning | es_ES |
dc.subject.other | Machine learning | es_ES |
dc.subject.other | Netflow | es_ES |
dc.subject.other | Network security | es_ES |
dc.subject.other | SQLIA detection | es_ES |
dc.title | SQL injection attack detection in network flow data | es_ES |
dc.type | info:eu-repo/semantics/article | es_ES |
dc.identifier.doi | 10.1016/j.cose.2023.103093 | |
dc.description.peerreviewed | SI | es_ES |
dc.relation.projectID | info:eu-repo/grantAgreement/AEI/PID2021-126592OB-C21/10.13039/501100011033 | es_ES |
dc.rights.accessRights | info:eu-repo/semantics/openAccess | es_ES |
dc.journal.title | Computers & Security | es_ES |
dc.volume.number | 127 | es_ES |
dc.page.initial | 103093 | es_ES |
dc.type.hasVersion | info:eu-repo/semantics/publishedVersion | es_ES |
dc.description.project | Instituto Nacional de Ciberseguridad de España (INCIBE) | es_ES |
dc.description.project | Universidad de León | es_ES |
Ficheros en el ítem
Este ítem aparece en la(s) siguiente(s) colección(ones)
-
Artículos [4641]