SQL Injection Attack Detection, Evidence Collection, and Notifying System Using Standard Intrusion Detection System in Network Forensics

  • Conference paper
Proceedings of International Conference on Computational Intelligence, Data Science and Cloud Computing

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies (LNDECT, volume 62)

Abstract

Structured query language (SQL) injection is an attack method that exploits the functional and storage vulnerabilities of web applications that keep their data in a database. The attacker compromises security by deliberately choosing the content that is forwarded to the database for information retrieval, and benefits from the syntax and storage vulnerabilities that create weak points in the DBMS security system. This study makes use of the Snort intrusion detection system log files, which contain information related to attackers, and can provide timed attack notifications via digital notification systems such as email. In this research, a web server-based network system is set up with the Snort intrusion detection system (IDS) to detect the various possible methods of SQL injection attack. The method follows NIST standards, which are based on the major risk assessment phases. The research proceeds in five phases: exploit site testing, simulating attack circumstances, configuring the IDS, collecting data, and performing analysis. This study contributes a web server-based Snort IDS system that is capable of detecting a significant number of SQL injection attacks, together with a real-time response system that notifies via digital notifications.

Corresponding author

Correspondence to Sonam Bhardwaj.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Cite this paper

Bhardwaj, S., Dave, M. (2021). SQL Injection Attack Detection, Evidence Collection, and Notifying System Using Standard Intrusion Detection System in Network Forensics. In: Balas, V.E., Hassanien, A.E., Chakrabarti, S., Mandal, L. (eds) Proceedings of International Conference on Computational Intelligence, Data Science and Cloud Computing. Lecture Notes on Data Engineering and Communications Technologies, vol 62. Springer, Singapore. https://doi.org/10.1007/978-981-33-4968-1_53
