IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Service specific anomaly detection for network intrusion detection
Proceedings of the 2002 ACM symposium on Applied computing
Hacking Exposed Web Applications: Web Application Security Secrets & Solutions
Hacking Exposed Web Applications: Web Application Security Secrets & Solutions
A parallel implementation of the Needleman-Wunsch algorithm for global gapped pair-wise alignment
Journal of Computing Sciences in Colleges
Bioinformatics—an introduction for computer scientists
ACM Computing Surveys (CSUR)
Detection of cross site scripting attack in wireless networks using n-Gram and SVM
Mobile Information Systems - Advances in Network-Based Information Systems
Hi-index | 0.00 |
Web applications employing database-driven content have become widely deployed on the Internet, and organizations use them to provide a broad range of services to people. Along with their growing deployment, there has been a surge in attacks that target these applications. One type of attack in particular, SQL injection, is especially harmful. SQL injections can give attackers direct access to the database underlying an application and allow them to leak confidential or even sensitive information. SQL injection is able to evade or detour IDS or firewall in various ways. Hence, detection system based on regular expression or predefined signatures cannot prevent SQL injection effectively. We present a detection mode for SQL injection using pairwise sequence alignment of amino acid code formulated from web application parameter database sent via web server. An experiment shows that our method detects SQL injection and, moreover, previously unknown attacks as well as variations of known attacks.