On automatic detection of SQL injection attacks by the feature extraction of the single character

  • Authors:
  • Michio Sonoda;Takeshi Matsuda;Daiki Koizumi;Shigeichi Hirasawa

  • Affiliations:
  • Cyber University, Chiba, Japan;Cyber University, Tokyo, Japan;Cyber University, Tokyo, Japan;Cyber University, Tokyo, Japan

  • Venue:
  • Proceedings of the 4th international conference on Security of information and networks
  • Year:
  • 2011

Quantified Score

Hi-index 0.00

Visualization

Abstract

The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. However, a new attack method that is not included by the black list has still been developed. In this paper, we proposed the detecting method based on single character, and show the effectiveness of the proposed method experimentally using both attack and normal samples.