Research Output

An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack

  Emerging computing relies heavily on secure back-end storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) remains an intruder’s exploit of choice to pilfer confidential data from the back-end database with damaging ramifications. The existing approaches were all before the new emerging computing in the context of the Internet big data mining and as such will lack the ability to cope with new signatures concealed in a large volume of web requests over time. Also, these existing approaches were strings lookup approaches aimed at on-premise application domain boundary, not applicable to roaming Cloud-hosted services’ edge Software-Defined Network (SDN) to application endpoints with large web request hits. Using a Machine Learning (ML) approach provides scalable big data mining for SQLIA detection and prevention. Unfortunately, the absence of corpus to train a classifier is an issue well known in SQLIA research in applying Artificial Intelligence (AI) techniques. This paper presents an application context pattern-driven corpus to train a supervised learning model. The model is trained with ML algorithms of Two-Class Support Vector Machine (TC SVM) and Two-Class Logistic Regression (TC LR) implemented on Microsoft Azure Machine Learning (MAML) studio to mitigate SQLIA. This scheme presented here, then forms the subject of the empirical evaluation in Receiver Operating Characteristic (ROC) curve.

  • Date:

    02 November 2017

  • Publication Status:

    Published

  • Publisher

    Institute of Electrical and Electronics Engineers

  • DOI:

    10.1109/est.2017.8090392

  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    004 Data processing & computer science

  • Funders:

    Edinburgh Napier Funded

Citation

Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017). An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack. In 2017 Seventh International Conference on Emerging Security Technologies (EST),https://doi.org/10.1109/est.2017.8090392

Authors

Keywords

SQL injection, SQLIA data analytics, SQLIA pattern-driven data set, SQLIA big data, SQLIA hashing,

Monthly Views:

Available Documents

  • pdf

    An Applied Pattern-Driven Corpus to Predictive Analytics in Mitigating SQL Injection Attack

    1MB
    Number of Downloads in the past year: 4

    © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works

  • Downloadable citations

    HTML BIB RTF