Approach to detecting SQL injection behaviors in network environment

Approach to detecting SQL injection behaviors in network environment

SQL injection attack is one of the main threats that many Web applications faced with. The traditional detection method depended on the clients or servers. Firstly the process of SQL injection attack was analyzed, and then the differences between attack traffic and normal traffic HTTP request length...

Full description

Saved in:
Bibliographic Details
Main Authors: Yu-fei ZHAO, Gang XIONG, Long-tao HE, Zhou-jun LI
Format: Article
Language:zho
Published: Editorial Department of Journal on Communications 2016-02-01
Series:Tongxin xuebao
Subjects:
Web security
SQL injection
network traffic
outlier detection
Online Access:http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2016034/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:SQL injection attack is one of the main threats that many Web applications faced with. The traditional detection method depended on the clients or servers. Firstly the process of SQL injection attack was analyzed, and then the differences between attack traffic and normal traffic HTTP request length, HTTP connections and feature string were discovered. Based on the request length, request frequency and feature string, a new method, LFF (length-frequency-feature), was proposed to detect SQL injection behaviors from network traffic. The results of experiments indicated that in simulation environments the recall of LFF approach reach up to 95%, and in real network traffic the LFF approach also get a good detection result.
ISSN:1000-436X

Similar Items