On automatic detection of SQL injection attacks by the feature extraction of the single character

Authors:
Michio Sonoda;Takeshi Matsuda;Daiki Koizumi;Shigeichi Hirasawa
Affiliations:
Cyber University, Chiba, Japan;Cyber University, Tokyo, Japan;Cyber University, Tokyo, Japan;Cyber University, Tokyo, Japan
Venue:
Proceedings of the 4th international conference on Security of information and networks
Year:
2011

Citing 3
Cited 0

Noxes: a client-side solution for mitigating cross-site scripting attacks

Proceedings of the 2006 ACM symposium on Applied computing
Application layer intrusion detection for SQL injection

Proceedings of the 44th annual Southeast regional conference
SQL Injection Attacks and Defense

SQL Injection Attacks and Defense

Quantified Score

Hi-index	0.00

Visualization

Abstract

The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. However, a new attack method that is not included by the black list has still been developed. In this paper, we proposed the detecting method based on single character, and show the effectiveness of the proposed method experimentally using both attack and normal samples.