Dr Naghmeh Moradpoor Sheykhkanloo N.Moradpoor@napier.ac.uk
Lecturer
A Learning-based Neural Network Model for the Detection and Classification of SQL Injection Attacks
Sheykhkanloo, Naghmeh Moradpoor
Authors
Abstract
Structured Query Language injection (SQLi) attack is a code injection technique where hackers inject SQL commands into a database via a vulnerable web application. Injected SQL commands can modify the back-end SQL database and thus compromise the security of a web application. In the previous publications, the author has proposed a Neural Network (NN)-based model for detections and classifications of the SQLi attacks. The proposed model was built from three elements: 1) a Uniform Resource Locator (URL) generator, 2) a URL classifier, and 3) a NN model. The proposed model was successful to: 1) detect each generated URL as either a benign URL or a malicious, and 2) identify the type of SQLi attack for each malicious URL. The published results proved the effectiveness of the proposal. In this paper, the author re-evaluates the performance of the proposal through two scenarios using controversial data sets. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed model in terms of accuracy, true-positive rate as well as false-positive rate.
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Feb 18, 2017 |
| Online Publication Date | Apr 1, 2017 |
| Publication Date | 2017-04 |
| Deposit Date | Feb 28, 2017 |
| Publicly Available Date | Mar 2, 2017 |
| Journal | International Journal of Cyber Warfare and Terrorism |
| Print ISSN | 1947-3435 |
| Electronic ISSN | 1947-3443 |
| Publisher | IGI Global |
| Peer Reviewed | Peer Reviewed |
| Volume | 7 |
| Issue | 2 |
| Pages | 16-41 |
| DOI | https://doi.org/10.4018/ijcwt.2017040102 |
| Keywords | Intrusion Detection, SQL injection attacks, machine; learning, Artificial Intelligence, Neural Networks, Web Attacks,; Databases |
| Public URL | http://researchrepository.napier.ac.uk/Output/690701 |
| Contract Date | Feb 28, 2017 |
Files
A Learning-based Neural Network Model for the Detection and Classification of SQL Injection Attacks
(817 Kb)
PDF
You might also like
Assessing the Performance of Ethereum and Hyperledger Fabric Under DDoS Attacks for Cyber-Physical Systems
(2024)
Presentation / Conference Contribution
Enhancing Mac OS Malware Detection through Machine Learning and Mach-O File Analysis
(2024)
Presentation / Conference Contribution
Assessment and Analysis of IoT Protocol Effectiveness in Data Exfiltration Scenario
(2024)
Presentation / Conference Contribution
Enhancing Cloud Computing Security Through Blockchain-Based Communication for Electronic Health Records
(2024)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search