IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Service specific anomaly detection for network intrusion detection
Proceedings of the 2002 ACM symposium on Applied computing
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
Inducing Probabilistic Grammars by Bayesian Model Merging
ICGI '94 Proceedings of the Second International Colloquium on Grammatical Inference and Applications
Hidden Markov Model} Induction by Bayesian Model Merging
Advances in Neural Information Processing Systems 5, [NIPS Conference]
Application-Integrated Data Collection for Security Monitoring
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Learning Fingerprints for a Database Intrusion Detection System
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Simulating realistic network worm traffic for worm warning system design and testing
Proceedings of the 2003 ACM workshop on Rapid malcode
A Stateful Intrusion Detection System for World-Wide Web Servers
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Undermining an anomaly-based intrusion detection system using common exploits
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
A sense of self for Unix processes
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
Preventing SQL injection attacks using AMNESIA
Proceedings of the 28th international conference on Software engineering
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Fine-grained access control to web databases
Proceedings of the 12th ACM symposium on Access control models and technologies
CANDID: preventing sql injection attacks using dynamic candidate evaluations
Proceedings of the 14th ACM conference on Computer and communications security
SQL-IDS: a specification-based approach for SQL-injection detection
Proceedings of the 2008 ACM symposium on Applied computing
Detecting anomalous access patterns in relational databases
The VLDB Journal — The International Journal on Very Large Data Bases
Mechanisms for database intrusion detection and response
Proceedings of the 2nd SIGMOD PhD workshop on Innovative database research
Recurrent Neural Networks on Duty of Anomaly Detection in Databases
ISNN '07 Proceedings of the 4th international symposium on Neural Networks: Advances in Neural Networks, Part III
Some Issues on Intrusion Detection in Web Applications
ICAISC '08 Proceedings of the 9th international conference on Artificial Intelligence and Soft Computing
Classification Agent-Based Techniques for Detecting Intrusions in Databases
HAIS '08 Proceedings of the 3rd international workshop on Hybrid Artificial Intelligence Systems
A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
SQLProb: a proxy-based architecture towards preventing SQL injection attacks
Proceedings of the 2009 ACM symposium on Applied Computing
Web Application Security through Gene Expression Programming
EvoWorkshops '09 Proceedings of the EvoWorkshops 2009 on Applications of Evolutionary Computing: EvoCOMNET, EvoENVIRONMENT, EvoFIN, EvoGAMES, EvoHOT, EvoIASP, EvoINTERACTION, EvoMUSART, EvoNUM, EvoSTOC, EvoTRANSLOG
Journal of Computer Security - Best papers of the Sec Track at the 2006 ACM Symposium
Database Intrusion Detection Using Role Profiling with Role Hierarchy
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Detecting web application attacks with use of gene expression programming
CEC'09 Proceedings of the Eleventh conference on Congress on Evolutionary Computation
CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks
ACM Transactions on Information and System Security (TISSEC)
Splash: ad-hoc querying of data and statistical models
Proceedings of the 13th International Conference on Extending Database Technology
Swaddler: an approach for the anomaly-based detection of state violations in web applications
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Architecture for data collection in database intrusion detection systems
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Tracing SQL attacks via neural networks
PPAM'07 Proceedings of the 7th international conference on Parallel processing and applied mathematics
Looking at web security vulnerabilities from the programming language perspective: a field study
ISSRE'09 Proceedings of the 20th IEEE international conference on software reliability engineering
HengHa: data harvesting detection on hidden databases
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Detecting data misuse by applying context-based data linkage
Proceedings of the 2010 ACM workshop on Insider threats
M-score: estimating the potential damage of data leakage incident by assigning misuseability weight
Proceedings of the 2010 ACM workshop on Insider threats
A data-centric approach to insider attack detection in database systems
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Soft computing techniques for intrusion detection of SQL-based attacks
ACIIDS'10 Proceedings of the Second international conference on Intelligent information and database systems: Part I
Towards mechanisms for detection and prevention of data exfiltration by insiders: keynote talk paper
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Preventing web application injections with complementary character coding
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
PSIAQOP: preventing SQL injection attacks based on query optimization process
Proceedings of the Second Kuwait Conference on e-Services and e-Systems
SENTINEL: securing database from logic flaws in web applications
Proceedings of the second ACM conference on Data and Application Security and Privacy
CBRid4SQL: a CBR intrusion detector for SQL injection attacks
HAIS'10 Proceedings of the 5th international conference on Hybrid Artificial Intelligence Systems - Volume Part II
Automatically preparing safe SQL queries
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Proceedings of the 34th International Conference on Software Engineering
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining
Information Sciences: an International Journal
A survey on server-side approaches to securing web applications
ACM Computing Surveys (CSUR)
Detection of cross site scripting attack in wireless networks using n-Gram and SVM
Mobile Information Systems - Advances in Network-Based Information Systems
| Hi-index | 0.00 |
Web-based systems are often a composition of infrastructure components, such as web servers and databases, and of application-specific code, such as HTML-embedded scripts and server-side applications. While the infrastructure components are usually developed by experienced programmers with solid security skills, the application-specific code is often developed under strict time constraints by programmers with little security training. As a result, vulnerable web-applications are deployed and made available to the Internet at large, creating easily-exploitable entry points for the compromise of entire networks. Web-based applications often rely on back-end database servers to manage application-specific persistent state. The data is usually extracted by performing queries that are assembled using input provided by the users of the applications. If user input is not sanitized correctly, it is possible to mount a variety of attacks that leverage web-based applications to compromise the security of back-end databases. Unfortunately, it is not always possible to identify these attacks using signature-based intrusion detection systems, because of the ad hoc nature of many web-based applications. Signatures are rarely written for this class of applications due to the substantial investment of time and expertise this would require. We have developed an anomaly-based system that learns the profiles of the normal database access performed by web-based applications using a number of different models. These models allow for the detection of unknown attacks with reduced false positives and limited overhead. In addition, our solution represents an improvement with respect to previous approaches because it reduces the possibility of executing SQL-based mimicry attacks.