Web-based applications often have vulnerabilities that can be exploited to launch SQL-based attacks. Web application developers are normally concerned with application functionality and can easily neglect security aspects. The increasing number of web attacks reported every day corroborates that this attack-prone scenario represents a real danger and is not likely to change favorably in the future. The main problem, however, is that most SQL-based attacks cannot be detected by typical intrusion detection systems (IDS) at the network or operating system level. In this paper we propose a database-level IDS to concurrently detect malicious database operations. The proposed IDS is based on a comprehensive anomaly detection scheme that checks SQL commands to detect SQL injection and analyses transactions to detect more elaborate data-centric attacks, including insider attacks.