Data-mining based SQL injection attack detection using internal query trees

作者:

Highlights:

• We propose a framework to detect SQL injection attacks at database level.

• To use classification algorithm, internal query trees transform into feature vectors.

• Our feature extraction methods use syntactic and semantic features of query trees.

• Our feature transformation methods use combined statistical models.

• Experimental results using query trees of PostgreSQL validate our proposal.

摘要

•We propose a framework to detect SQL injection attacks at database level.•To use classification algorithm, internal query trees transform into feature vectors.•Our feature extraction methods use syntactic and semantic features of query trees.•Our feature transformation methods use combined statistical models.•Experimental results using query trees of PostgreSQL validate our proposal.

论文关键词:Intrusion detection,SQL injection attack,Database,Data mining,SVM

论文评审过程:Available online 2 March 2014.

论文官网地址:https://doi.org/10.1016/j.eswa.2014.02.041