Some Issues on Intrusion Detection in Web Applications

  • Authors:

  • Jaroslaw Skaruz;Franciszek Seredynski

  • Affiliations:

  • Institute of Computer Science, University of Podlasie, Siedlce, Poland 08-110;Polish-Japanese Institute of Information Technology, Warsaw, 02-008 and Institute of Computer Science, Polish Academy of Sciences, Warsaw, Poland 01-237

  • Venue:
  • ICAISC '08 Proceedings of the 9th international conference on Artificial Intelligence and Soft Computing
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

In the paper we present a new approach based on application of neural networks to detect SQL attacks. SQL attacks are those attacks that take the advantage of using SQL statements to be performed. The problem of detection of this class of attacks is transformed to time series prediction problem. SQL queries are used as a source of events in a protected environment. To differentiate between normal SQL queries and those sent by an attacker, we divide SQL statements into tokens and pass them to our detection system, which predicts the next token, taking into account previously seen tokens. In the learning phase tokens are passed to a recurrent neural network (RNN) trained by backpropagation through time (BPTT) algorithm. Then, two coefficients of the rule are evaluated. The rule is used to interpret RNN output. In the testing phase RNN with the rule is examined against attacks and legal data to find out how evaluated rule affects efficiency of detecting attacks. All experiments were conducted on Jordan network. Experimental results show the relationship between the rule and a length of SQL queries.