An Attack Detection Mechanism Based on a Distributed Hierarchical Multi-agent Architecture for Protecting Databases

This paper presents an innovative approach to detect and classify SQL injection attacks. The existing approaches are centralized while this proposal is based on a distributed hierarchical architecture to provide a robust and dynamic strategy. The strategy for the classification and detection of SQL injection attacks uses a combination based on detection by anomalies and misuses. The detection by anomaly uses a case-based reasoning mechanism incorporating a mixture of neural networks. The approach has been tested and the results are presented in this paper.

[1]  Michael Wooldridge,et al.  Introduction to multiagent systems , 2001 .

[2]  Juan M. Corchado,et al.  A Reasoning Model for CBR_BDI Agents Using an Adaptable Fuzzy Inference System , 2003, CAEPIA.

[3]  Alberto Bugarín,et al.  Current Topics in Artificial Intelligence, 11th Conference of the Spanish Association for Artificial Intelligence, CAEPIA 2005, Santiago de Compostela, Spain, November 16-18, 2005, Revised Selected Papers , 2006, CAEPIA.

[4]  Javier Bajo,et al.  Intelligent environment for monitoring Alzheimer patients, agent technology for health care , 2008, Decis. Support Syst..

[5]  Alessandro Orso,et al.  AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks , 2005, ASE.

[6]  Javier Bajo,et al.  REPLANNING MECHANISM FOR DELIBERATIVE AGENTS IN DYNAMIC CHANGING ENVIRONMENTS , 2008, Comput. Intell..

[7]  Aske Simon Christensen,et al.  Precise Analysis of String Expressions , 2003, SAS.

[8]  Javier Bajo,et al.  GerAmi: Improving Healthcare Delivery in Geriatric Residences , 2008, IEEE Intelligent Systems.

[9]  Franciszek Seredynski,et al.  Recurrent neural networks towards detection of SQL attacks , 2007, 2007 IEEE International Parallel and Distributed Processing Symposium.

[10]  Frank S. Rietta Application layer intrusion detection for SQL injection , 2006, ACM-SE 44.

[11]  Zhendong Su,et al.  The essence of command injection attacks in web applications , 2006, POPL '06.

[12]  Agnar Aamodt,et al.  Case-Based Reasoning: Foundational Issues, Methodological Variations, and System Approaches , 1994, AI Commun..

[13]  Arputharaj Kannan,et al.  Quickprop Neural Network Short-Term Forecasting Framework for a Database Intrusion Prediction System , 2004, ICAISC.

[14]  Giovanni Vigna,et al.  A Learning-Based Approach to the Detection of SQL Attacks , 2005, DIMVA.

[15]  Ravi Jain,et al.  D-SCIDS: Distributed soft computing intrusion detection system , 2007, J. Netw. Comput. Appl..

[16]  Shih-Kun Huang,et al.  Web application security assessment by fault injection and behavior monitoring , 2003, WWW '03.

[17]  Kenji Kono,et al.  Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).