Attack Intention Estimation Based on Syntax Analysis and Dynamic Analysis for SQL Injection
| Field | Value |
|---|---|
| Author | Yo Kanemoto, Masakatsu Nishigaki, Kotomi Kuroki, Yasuhiro Noguchi, Kazufumi Aoki |
| Year of publication | 2020 |
| Subject | Web server; SQL; Parsing; Computer science; Semantics; SQL injection; Web application; Data mining; Personally identifiable information; Operations research; Networking & telecommunications; Electrical engineering, electronic engineering, information engineering; Other engineering and technologies |
| Source | COMPSAC |
| DOI | 10.1109/compsac48688.2020.00-41 |
| Description | SQL injections lead to serious damage such as leakage of personal information and are prevalent online. Web Application Firewalls (WAFs) are used to detect SQL injections, but their detection is not perfect. Therefore, to validate detected attacks, a more detailed manual analysis is required. Furthermore, because of confidentiality and availability constraints, it is often impossible to obtain information from the monitored web servers. In this paper, we propose a method to identify the intention of SQL injections in order to shorten the analysis time in situations where only limited information is available. The proposed method analyzes only the partial SQL query contained in an HTTP request and estimates its intention by syntax analysis and emulation. Evaluation results revealed that the proposed method was able to correctly identify the intention with an accuracy of 83.1% and 71.9% for an artificial dataset and a real-world dataset, respectively. |
| Database | OpenAIRE |
| External link | |