CBRid4SQL: A CBR Intrusion Detector for SQL Injection Attacks

Abstract: Abstract.One of the most serious security threats to recently deployed databases has been the SQL Injection attack. This paper presents an agent specialised in the detection of SQL injection attacks. The agent incorporates a Case-Based Reasoning engine which is equipped with a learning and adaptation capacity for the classification of malicious codes. The agent also incorporates advanced algorithms in the reasoning cycle stages. The reuse phase uses an innovative classification model based on a mixture of a ne… Show more

“…We believe that by making use of access control and SQL queries, we will be able to defend the system at the root of the problem, and therefore, block attacks when they are still trying to gain access into the system [10]. It is important to note, however, that the latter work did not take into consideration the inherent tree-structure of the SQL language syntax, and that graph-based methods will most likely exploit this attribute to produce a much better model [12].…”

“…Consecutively, Ramasubramanian and Kannan proposed two database intrusion detection frameworks based on artificial neural networks (ANN) [8] [9]. Support vector machines and multilayer perceptrons were utilized by Pinzon and his colleagues to detect SQL injection attacks [10]. Although most of the above works have proposed comprehensive frameworks for a database IDS, they are either very impractical when applied to typical database sizes (which usually contains a large number of tables and attributes), or only focused on detecting outsider attacks.…”

Mining SQL Queries to Detect Anomalous Database Access using Random Forest and PCA

“…We believe that by making use of access control and SQL queries, we will be able to defend the system at the root of the problem, and therefore, block attacks when they are still trying to gain access into the system [10]. It is important to note, however, that the latter work did not take into consideration the inherent tree-structure of the SQL language syntax, and that graph-based methods will most likely exploit this attribute to produce a much better model [12].…”

“…Consecutively, Ramasubramanian and Kannan proposed two database intrusion detection frameworks based on artificial neural networks (ANN) [8] [9]. Support vector machines and multilayer perceptrons were utilized by Pinzon and his colleagues to detect SQL injection attacks [10]. Although most of the above works have proposed comprehensive frameworks for a database IDS, they are either very impractical when applied to typical database sizes (which usually contains a large number of tables and attributes), or only focused on detecting outsider attacks.…”

Mining SQL Queries to Detect Anomalous Database Access using Random Forest and PCA

“…The agent used here is named as CBRid4SQL. [8]. The proposed agent is capable of low error rates compared to other existing systems of that time, robustness, decision mechanism and flexibility in queries review.…”

“…This was due to use of tree-kernel approach. Pinzon et al [8] used case based reasoning (CBR) engine which is collaboration of advanced algorithms that can easily allow classification of malicious codes. The agent used here is named as CBRid4SQL.…”

Preventing SQL-BasedAttacks Using Intrusion Detection System

“…Consecutively, Ramasubramanian and Kannan [23,24] proposed two database intrusion detection frameworks based on artificial neural networks (ANNs). Support vector machines and multilayer perceptrons were utilized by Pinzon et al [21] to detect SQL injection attacks. Moreover, Valeur et al [31] made use of Bayesian networks in their IDS framework.…”

Anomalous query access detection in RBAC-administered databases with random forest and PCA