Detecting SQL injection attacks using SNORT IDS

SQL injection attack poses a serious security threats among the Internet community nowadays and it's continue to increase exploiting flaws found in the Web applications. In SQL injection attack, the attackers can take advantage of poorly coded web application software to introduce malicious code into the system and/or could retrieve important information. Web applications are under siege from cyber criminals seeking to steal confidential information and disable or damage the services offered by these application. Therefore, additional steps must be taken to ensure data security and integrity of the applications. In this paper we propose an innovative solution to filter the SQL injection attack using SNORT IDS. The proposed detection technique uses SNORT tool by augmenting a number of additional SNORT rules. We evaluate the proposed solution by comparing our method with several existing techniques. Experimental results demonstrate that the proposed method outperforms other similar techniques using the same data set.

[1]  T. Wassmer 6 , 1900, EXILE.

[2]  Sainath Patil Assi Honeyweb : a web-based high interaction client honeypot , 2012 .

[3]  Izzat Alsmadi,et al.  Efficient Assessment and Evaluation for Websites Vulnerabilities Using SNORT , 2013 .

[4]  Nalini A. Mhetre,et al.  A novel approach for detection of SQL injection and cross site scripting attacks , 2015, 2015 International Conference on Pervasive Computing (ICPC).

[5]  Izzat Alsmadi,et al.  Textual Manipulation for SQL Injection Attacks , 2013 .

[6]  -. THesketh,et al.  Rule generalisation in intrusion detection systems using SNORT , 2008, Int. J. Electron. Secur. Digit. Forensics.

[7]  Michael D. Ernst,et al.  Automatic creation of SQL Injection and cross-site scripting attacks , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[8]  Zhoujun Li,et al.  SQL Injection Detection with Composite Kernel in Support Vector Machine , 2012 .

[9]  P. Kumar,et al.  A survey on SQL injection attacks, detection and prevention techniques , 2012, 2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12).

[10]  M. E. Kabay,et al.  Writing Secure Code , 2015 .

[11]  Janez Demsar,et al.  Statistical Comparisons of Classifiers over Multiple Data Sets , 2006, J. Mach. Learn. Res..

[12]  Zhi-jian Wang,et al.  Notice of RetractionA Static Analysis Tool for Detecting Web Application Injection Vulnerabilities for ASP Program , 2010, 2010 2nd International Conference on E-business and Information System Security.

[13]  Steven T. Eckmann Translating Snort rules to STATL scenarios , 2001 .

[14]  Uwe Aickelin,et al.  Rule generalisation in intrusion detection systems using SNORT , 2007, Int. J. Electron. Secur. Digit. Forensics.