SQL injection attack detection in network flow data

Detection and Prevention of SQL Injection attack

SQL injection is a technique where the attacker injects an input in the query in order to change the structure of the query intended by the programmer and gaining the access of the database which results modification or deletion of the user’s data. In the injection it exploits a security vulnerability occurring in database layer of an application. SQL injection attack is the most common attack ...

Data-mining based SQL injection attack detection using internal query trees

Detecting SQL injection attacks (SQLIAs) is becoming increasingly important in database-driven web sites. Until now, most of the studies on SQLIA detection have focused on the structured query language (SQL) structure at the application level. Unfortunately, this approach inevitably fails to detect those attacks that use already stored procedure and data within the database system. In this pape...

Tampering THE SQL code INJECTION attack

− As Internet Telephony and Voice over IP (VoIP) are considered advanced Internet applications/services, they are vulnerable to attacks existing in Internet applications/services. For instance HTTP digest authentication attacks, malformed messages, message tampering with malicious code, SQL injection and more, can be launched against any Internet application/service. In this paper, we describe,...

SQL Injection Evasion Detection

Network Attack Detection at Flow Level

In this paper, we propose a new method for detecting unauthorized network intrusions, based on a traffic flow model and Cisco NetFlow protocol application. The method developed allows us not only to detect the most common types of network attack (DDoS and port scanning), but also to make a list of trespassers’ IP-addresses. Therefore, this method can be applied in intrusion detection systems, a...