Affiliation:
1. Polytechnic of Coimbra - ISEC, Coimbra, Portugal
2. University of Coimbra - UC Center for Informatics and Systems of University of Coimbra, Coimbra, Portugal
Abstract
Databases are widely used by organizations to store business-critical information, which makes them one of the most attractive targets for security attacks. SQL Injection is the most common attack to webpages with dynamic content. To mitigate it, organizations use Intrusion Detection Systems (IDS) as part of the security infrastructure, to detect this type of attack. However, the authors observe a gap between the comprehensive state-of-the-art in detecting SQL Injection attacks and the state-of-practice regarding existing tools capable of detecting such attacks. The majority of IDS implementations provide little or no protection against SQL Injection attacks, with exceptions like the tools Bro and ModSecurity. In this article, the authors compare these tools using the CSIC dataset in order to examine the state-of-practice in database protection from SQL Injection attacks, identifying the main characteristics and implementation details needed for IDSs to successfully detect such attacks. The experiments indicate that signature-based IDS provide the greatest coverage against SQL Injection.
Reference33 articles.
1. A top web security vulnerability SQL injection attack — Survey
2. SQL Injection and Cross Site Scripting Prevention using OWASP ModSecurity Web Application Firewall
3. A Case Study of SQL Injection Vulnerabilities Assessment of .bd Domain Web Applications
4. Alsahafi, R. (2019). SQL injection attacks: detection and prevention techniques. International Journal of Scientific & Technology Research, (8), 182-185.
5. Arabo, A. (2019). Distributed ids using agents: An agent-based detection system to detect passive and active threats to a network. Proceedings of the 14th international conference on cyber warfare and security. IEEE.
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献