2024-03-28T13:21:33Z
http://buleria.unileon.es/oai/request
oai:buleria.unileon.es:10612/15468
2023-10-19T07:16:58Z
com_10612_17
col_10612_18
SQL injection attack detection in network flow data
Crespo Martínez, Ignacio Samuel
Campazas Vega, Adrián
Guerrero Higueras, Ángel Manuel
Riego Del Castillo, Virginia
Álvarez Aparicio, Claudia
Fernández Llamas, Camino
Systems Engineering and Automation
Computer Science
Engineering
[EN] SQL injections rank in the OWASP Top 3. The literature shows that analyzing network datagrams allows for detecting or preventing such attacks. Unfortunately, such detection usually implies studying all packets flowing in a computer network. Therefore, routers in charge of routing significant traffic loads usually cannot apply the solutions proposed in the literature. This work demonstrates that detecting SQL injection attacks on flow data from lightweight protocols is possible. For this purpose, we gathered two datasets collecting flow data from several SQL injection attacks on the most popular database engines. After evaluating several machine learning-based algorithms, we get a detection rate of over 97% with a false alarm rate of less than 0.07% with a Logistic Regression-based model.
2023-01-23T10:59:04Z
info:eu-repo/semantics/article
Crespo-Martínez, I. S., Campazas-Vega, A., Guerrero-Higueras, Á. M., Riego-DelCastillo, V., Álvarez-Aparicio, C., & Fernández-Llamas, C. (2023). SQL injection attack detection in network flow data. Computers & Security, 127(103093), 103093. https://doi.org/10.1016/j.cose.2023.103093
0167-4048
http://hdl.handle.net/10612/15468
10.1016/j.cose.2023.103093
info:eu-repo/grantAgreement/AEI/PID2021-126592OB-C21/10.13039/501100011033
http://creativecommons.org/licenses/by-nc-nd/4.0/
info:eu-repo/semantics/openAccess
Attribution-NonCommercial-NoDerivatives 4.0 International
Elsevier