Approach to detecting SQL injection behaviors in network environment
SQL injection attack is one of the main threats that many Web applications faced with. The traditional detection method depended on the clients or servers. Firstly the process of SQL injection attack was analyzed, and then the differences between attack traffic and normal traffic HTTP request length...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2016-02-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2016034/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539592227913728 |
|---|---|
| author | Yu-fei ZHAO Gang XIONG Long-tao HE Zhou-jun LI |
| author_facet | Yu-fei ZHAO Gang XIONG Long-tao HE Zhou-jun LI |
| author_sort | Yu-fei ZHAO |
| collection | DOAJ |
| description | SQL injection attack is one of the main threats that many Web applications faced with. The traditional detection method depended on the clients or servers. Firstly the process of SQL injection attack was analyzed, and then the differences between attack traffic and normal traffic HTTP request length, HTTP connections and feature string were discovered. Based on the request length, request frequency and feature string, a new method, LFF (length-frequency-feature), was proposed to detect SQL injection behaviors from network traffic. The results of experiments indicated that in simulation environments the recall of LFF approach reach up to 95%, and in real network traffic the LFF approach also get a good detection result. |
| format | Article |
| id | doaj-art-89fcedf80c2f4ff6a053653da2a4e8b6 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2016-02-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-89fcedf80c2f4ff6a053653da2a4e8b62025-01-14T06:54:49ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2016-02-0137899859699267Approach to detecting SQL injection behaviors in network environmentYu-fei ZHAOGang XIONGLong-tao HEZhou-jun LISQL injection attack is one of the main threats that many Web applications faced with. The traditional detection method depended on the clients or servers. Firstly the process of SQL injection attack was analyzed, and then the differences between attack traffic and normal traffic HTTP request length, HTTP connections and feature string were discovered. Based on the request length, request frequency and feature string, a new method, LFF (length-frequency-feature), was proposed to detect SQL injection behaviors from network traffic. The results of experiments indicated that in simulation environments the recall of LFF approach reach up to 95%, and in real network traffic the LFF approach also get a good detection result.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2016034/Web securitySQL injectionnetwork trafficoutlier detection |
| spellingShingle | Yu-fei ZHAO Gang XIONG Long-tao HE Zhou-jun LI Approach to detecting SQL injection behaviors in network environment Tongxin xuebao Web security SQL injection network traffic outlier detection |
| title | Approach to detecting SQL injection behaviors in network environment |
| title_full | Approach to detecting SQL injection behaviors in network environment |
| title_fullStr | Approach to detecting SQL injection behaviors in network environment |
| title_full_unstemmed | Approach to detecting SQL injection behaviors in network environment |
| title_short | Approach to detecting SQL injection behaviors in network environment |
| title_sort | approach to detecting sql injection behaviors in network environment |
| topic | Web security SQL injection network traffic outlier detection |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2016034/ |
| work_keys_str_mv | AT yufeizhao approachtodetectingsqlinjectionbehaviorsinnetworkenvironment AT gangxiong approachtodetectingsqlinjectionbehaviorsinnetworkenvironment AT longtaohe approachtodetectingsqlinjectionbehaviorsinnetworkenvironment AT zhoujunli approachtodetectingsqlinjectionbehaviorsinnetworkenvironment |