A Hot Query Bank approach to improve detection performance against SQL injection attacks

Chung, Yu‐Chi; Wu, Ming-Chuan; Chen, Yih-Chang; Chang, Wen-Kui

doi:10.1016/j.cose.2011.11.007

Cited by 9 publications

(11 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Later, a hot query bank (HQB) was designed [6] for improving the efficiency of SQL injection attack detection. Though the approach minimized the execution time, the ER was not minimized.…”

Section: Related Workmentioning

confidence: 99%

BIBSQLQC: Brown infomax boosted SQL query clustering algorithm to detect anti-patterns in the query log

Ramakrishnan¹,

Palanisamy²

2020

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Discovery of antipatterns from arbitrary SQL query log depends on the static code analysis used to enhance the quality and performance of software applications. The existence of antipatterns reduces the quality and leads to redundant SQL statements. SQL log includes a large load on the database and it is difficult for an analyst to extract large patterns in a minimal time. Existing techniques which discover antipatterns in SQL query face a lot of innumerable challenges to discover the normal sequences of queries within the log. In order to discover the antipatterns in the log, an efficient technique called Brown infomax boosted SQL query clustering (BIBSQLQC) technique is introduced. Initially, the number of patterns (i.e. queries) are extracted from the SQL query log. After extracting the patterns, the ensemble clustering process is carried out to find out the antipatterns from the given query log. The Brown infomax boost clustering is an ensemble learning method for grouping the patterns by constructing several weak learners. The Brown clustering is used as a weak learner for partitioning the patterns into 'k' number of clusters based on the Euclidean distance measure. Then the weak learner merges the two clusters with maximum information gained to minimize the time complexity. The clustering results of weak learners are combined into strong results with minimal error rate (ER). By this way, the antipattern in the SQL query log is detected with a higher accuracy. Experimental evaluation is conducted with different parameters namely detection accuracy (DA), false positive rate (FPR) and time complexity (TC) using the two SQL query log data-sets (DS). The experimental result shows that, the BIBSQLQC technique achieves higher DA with lower TC and FPR than the conventional methods.

show abstract

“…Later, a hot query bank (HQB) was designed [6] for improving the efficiency of SQL injection attack detection. Though the approach minimized the execution time, the ER was not minimized.…”

Section: Related Workmentioning

confidence: 99%

BIBSQLQC: Brown infomax boosted SQL query clustering algorithm to detect anti-patterns in the query log

Ramakrishnan¹,

Palanisamy²

2020

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

show abstract

“…Fig.4. shows a brief flow chart [14] of HQB's functions to counter SQL injection attacks. HQB checks incoming query whether it is an acceptable hot query or not.…”

Section: Hot Query Bank (Hqb) Approachmentioning

confidence: 99%

“…When a query q i arrives, then A[h j (q i )] is set to 1 for 1≤ j ≤k. In order to find membership of any query q i it [14], due to the hash collision. Bloom filter may suggest that a query q i is a member of the set, while it is not.…”

Section: Parallel-sqlia Detectormentioning

confidence: 99%

“…HQB [14] acts as a bridge between web application and database as shown in Fig.6. It intercepts and analyzes queries from web application to a database.…”

Section: A System Architecturementioning

confidence: 99%

“…Hot Query Bank provides a method which is similar to hCount [14] to get hot queries. It provides three additional capabilities (i) it proposed a mechanism which prevents bloom filter errors, as it might mistreat a certain cold queries as a hot one and vice versa and thus threaten the system security.…”

Section: B Data Structurementioning

confidence: 99%

See 2 more Smart Citations

A Parallel-SQLIA Detector for Web Security

Kumar¹,

Katti²

2016

IJIEEB

View full text Add to dashboard Cite

An SQL injection attack compromises the interactive web based applications, running database in the backend. The applications provide a form to accept user input and convert it into the SQL statement and fire the same to the database. The attackers change the structure of SQL statement by manipulating user inputs. The existing static and dynamic SQLIA detectors are being used for accurate detection of SQL injection, but it ignores the efficiency of the system. These detectors repeatedly verify the same queries inside the system, which causes unnecessary wastages of system resources. This paper contains the design approach of a parallel algorithm for the detection of SQL injection. The Algorithm uses the concept of Hot Query Bank (HQB) to cooperate with the existing SQLIA detectors (e.g. AMNESIA, SQLGuard, etc) and enhances the system performance. It simply keeps the information of previously verified queries in order to skip the verification process on the next appearance. The system performance has been observed by conducting a series of experiments on multi core processors. The experimental results have shown that parallel-SQLIA detector is 65% more efficient in term of time complexity. Further this design can be implemented in real web application environment; and the design interface can be standardized to cooperate with web application and the SQLIA detectors.

show abstract

A Mutation Approach of Detecting SQL Injection Vulnerabilities

Huang

Chen

et al. 2017

Cloud Computing and Security

View full text Add to dashboard Cite

A Hot Query Bank approach to improve detection performance against SQL injection attacks

Cited by 9 publications

References 9 publications

BIBSQLQC: Brown infomax boosted SQL query clustering algorithm to detect anti-patterns in the query log

BIBSQLQC: Brown infomax boosted SQL query clustering algorithm to detect anti-patterns in the query log

A Parallel-SQLIA Detector for Web Security

A Mutation Approach of Detecting SQL Injection Vulnerabilities

Contact Info

Product

Resources

About