RT info:eu-repo/semantics/article
T1 SQL injection attack detection in network flow data
A1 Crespo Martínez, Ignacio Samuel
A1 Campazas Vega, Adrián
A1 Guerrero Higueras, Ángel Manuel
A1 Riego Del Castillo, Virginia
A1 Álvarez Aparicio, Claudia
A1 Fernández Llamas, Camino
A2 Ingenieria de Sistemas y Automatica
K1 Computer science
K1 Engineering
K1 Ensemble learning
K1 Machine learning
K1 Netflow
K1 Network security
K1 SQLIA detection
AB [EN] SQL injections rank in the OWASP Top 3. The literature shows that analyzing network datagrams allows for detecting or preventing such attacks. Unfortunately, such detection usually implies studying all packets flowing in a computer network. Therefore, routers in charge of routing significant traffic loads usually cannot apply the solutions proposed in the literature. This work demonstrates that detecting SQL injection attacks on flow data from lightweight protocols is possible. For this purpose, we gathered two datasets collecting flow data from several SQL injection attacks on the most popular database engines. After evaluating several machine learning-based algorithms, we get a detection rate of over 97% with a false alarm rate of less than 0.07% with a Logistic Regression-based model.
PB Elsevier
SN 0167-4048
LK http://hdl.handle.net/10612/15468
UL http://hdl.handle.net/10612/15468
NO Crespo-Martínez, I. S., Campazas-Vega, A., Guerrero-Higueras, Á. M., Riego-DelCastillo, V., Álvarez-Aparicio, C., & Fernández-Llamas, C. (2023). SQL injection attack detection in network flow data. Computers & Security, 127(103093), 103093. https://doi.org/10.1016/j.cose.2023.103093
DS BULERIA. Repositorio Institucional de la Universidad de León
RD 27-Apr-2024