Research Output

Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention

  The back-end database is pivotal to the storage of the massive size of big data Internet exchanges stemming from cloud-hosted web applications to Internet of Things (IoT) smart devices. Structured Query Language (SQL) Injection Attack (SQLIA) remains an intruder's exploit of choice on vulnerable web applications to pilfer confidential data from the database with potentially damaging consequences. The existing solutions of mostly signature approaches were all before the recent challenges of big data mining and at such lacks the functionality and ability to cope with new signatures concealed in web requests. An alternative Machine Learning (ML) predictive analytics provides a functional and scalable mining to big data in detection and prevention of SQLIA. Unfortunately, lack of availability of readymade robust corpus or data set with patterns and historical data items to train a classifier are issues well known in SQLIA research. In this paper, we explore the generation of data set containing extraction from known attack patterns including SQL tokens and symbols present at injection points. Also, as a test case, we build a web application that expects dictionary word list as vector variables to demonstrate massive quantities of learning data. The data set is pre-processed, labelled and feature hashing for supervised learning. The trained classifier to be deployed as a web service that is consumed in a custom dot NET application implementing a web proxy Application Programming Interface (API) to intercept and accurately predict SQLIA in web requests thereby preventing malicious web requests from reaching the protected back-end database. This paper demonstrates a full proof of concept implementation of an ML predictive analytics and deployment of resultant web service that accurately predicts and prevents SQLIA with empirical evaluations presented in Confusion Matrix (CM) and Receiver Operating Curve (ROC).

  • Date:

    24 July 2017

  • Publication Status:

    Published

  • Publisher

    Institute of Electrical and Electronics Engineers

  • DOI:

    10.23919/INM.2017.7987433

  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security

Citation

Uwagbole, S. O., Buchanan, W. J., & Fan, L. (2017). Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention. In 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM),doi:10.23919/INM.2017.7987433

Authors

Keywords

SQLIA; SQLIA analytics; SQL Injection; SQLIA big data; SQLIA hashing

Monthly Views:

Available Documents