Please use this identifier to cite or link to this item:
Title: SQL Injection detection using machine learning
Authors: Joshi, A.
Geetha, V.
Issue Date: 2014
Citation: 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies, ICCICCT 2014, 2014, Vol., , pp.1111-1115
Abstract: In the present world, the web is the firmest and most common medium of communication and business interchange. Every day, millions of data are loaded through various channels on the web by users and user input can be malicious. Therefore, security becomes a very important aspect of web applications. Since they are easily accessible, they are prone to many vulnerabilities which if neglected can cause harm. The attackers make use of these loopholes to gain unauthorized access by performing various illegal activities. SQL Injection is one such attack which is easy to perform but difficult to detect because of its varied types and channel. This may result in theft, leak of personal data or loss of property. In this paper we have analyzed the existing solutions to the problems such as AMNESIA [1] and SQLrand [3] and their limitations. We have devised a classifier for detection of SQL Injection attacks. The proposed classifier uses combination of Na�ve Bayes machine learning algorithm and Role Based Access Control mechanism for detection. The proposed model is tested based on the test cases derived from the three SQLIA attacks: comments, union and tautology. � 2014 IEEE.
Appears in Collections:2. Conference Papers

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.