Journal: Information Security Technical Report

SQL Injection Attack classification through the feature extraction of SQL query strings using a Gap-Weighted String Subsequence Kernel


Abstract

SQL Injection Attacks are one of the most common methods behind data security breaches. Previous research has attempted to produce viable detection solutions in order to filter SQL Injection Attacks from regular queries. Unfortunately it has proven to be a challenging problem with many solutions suffering from disadvantages such as being unable to process in real time as a preventative solution, a lack of adaptability to differing types of attack and the requirement for access to difficult-to-obtain information about the source application. This paper presents a novel solution of classifying SQL queries purely on the features of the initial query string. A Gap-Weighted String Subsequence Kernel algorithm is implemented to identify subsequences of shared characters between query strings for the output of a similarity metric. Finally a Support Vector Machine is trained on the similarity metrics between known query strings which are then used to classify unknown test queries. By gathering all feature data from the query strings, additional information from the source application is not required. The probabilistic nature of the learned models allows the solution to adapt to new threats whilst in operation. The proposed solution is evaluated using a number of test datasets derived from the Amnesia testbed datasets. The demonstration software achieved 97.07% accuracy for Select type queries and 92.48% accuracy for Insert type queries. This limited success rate is due to unsanitized quotation marks within legitimate inputs confusing the feature extraction. Using a test dataset that denies legitimate queries the use of unsanitized quotation marks, the Select and Insert query accuracy rose.
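
The similarity metric the abstract describes can be sketched with the standard gap-weighted subsequence kernel recursion (Lodhi et al., 2002). This is an added example, not the paper's code: the subsequence length `n`, the decay `lam`, the function names and the sample queries are all assumptions.

```python
import math

def ssk(s, t, n, lam):
    """Unnormalised gap-weighted subsequence kernel K_n(s, t), O(n*|s|*|t|)."""
    ls, lt = len(s), len(t)
    if min(ls, lt) < n:
        return 0.0
    # kp[i][j] = K'_l(s[:i], t[:j]); level l = 0 is 1 everywhere.
    kp = [[1.0] * (lt + 1) for _ in range(ls + 1)]
    for l in range(1, n):
        nxt = [[0.0] * (lt + 1) for _ in range(ls + 1)]
        for i in range(l, ls + 1):
            kpp = 0.0  # K''_l(s[:i], t[:j]), built left to right over t
            for j in range(l, lt + 1):
                kpp *= lam  # prefix of t grew by one char: every span gets longer
                if s[i - 1] == t[j - 1]:
                    kpp += lam * lam * kp[i - 1][j - 1]
                nxt[i][j] = lam * nxt[i - 1][j] + kpp
        kp = nxt
    # Close each length-n subsequence on a matching final character.
    return sum(lam * lam * kp[i - 1][j - 1]
               for i in range(n, ls + 1) for j in range(n, lt + 1)
               if s[i - 1] == t[j - 1])

def normalized_ssk(s, t, n=3, lam=0.5):
    """Cosine-normalised kernel in [0, 1]; 0.0 if either string is shorter than n."""
    denom = math.sqrt(ssk(s, s, n, lam) * ssk(t, t, n, lam))
    return ssk(s, t, n, lam) / denom if denom else 0.0

def gram(queries, n=3, lam=0.5):
    """Symmetric similarity matrix, the input a precomputed-kernel SVM trains on."""
    size = len(queries)
    g = [[0.0] * size for _ in range(size)]
    for a in range(size):
        for b in range(a, size):
            g[a][b] = g[b][a] = normalized_ssk(queries[a], queries[b], n, lam)
    return g

# Constructed sample queries (not taken from the Amnesia testbed datasets).
QUERIES = [
    "SELECT * FROM users WHERE name='alice'",
    "SELECT * FROM users WHERE name='bob'",
    "SELECT * FROM users WHERE name='' OR '1'='1'",
]

if __name__ == "__main__":
    for row in gram(QUERIES):
        print(["%.3f" % v for v in row])
```

The resulting matrix is what a Support Vector Machine with a precomputed kernel would be trained on, with a benign or injection label per row.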