Abstract
Structured query language (SQL) injection is an attack method that exploits the functional and storage vulnerabilities of web applications whose data is stored in a database. The attacker compromises security by deliberately choosing the content that is forwarded to the database for information retrieval, and benefits by exploiting the syntax and storage vulnerabilities that create weak points in the DBMS security system. This study uses the log files of the Snort intrusion detection system (IDS), which contain information about attackers and can provide timed attack notifications via digital notification systems such as email. In this research, a web server-based network system is set up with the Snort IDS to detect the various possible methods of SQL injection attack. The method follows NIST standards, which are based on major risk assessment phases. The research proceeds in five phases: exploit site testing, simulating attack circumstances, configuring the IDS, collecting data, and performing analysis. The study contributes a web server-based Snort IDS system that is capable of detecting a significant number of SQL injection attacks, together with a real-time response notification system that uses digital notifications.
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Bhardwaj, S., Dave, M. (2021). SQL Injection Attack Detection, Evidence Collection, and Notifying System Using Standard Intrusion Detection System in Network Forensics. In: Balas, V.E., Hassanien, A.E., Chakrabarti, S., Mandal, L. (eds) Proceedings of International Conference on Computational Intelligence, Data Science and Cloud Computing. Lecture Notes on Data Engineering and Communications Technologies, vol 62. Springer, Singapore. https://doi.org/10.1007/978-981-33-4968-1_53
DOI: https://doi.org/10.1007/978-981-33-4968-1_53
Publisher Name: Springer, Singapore
Print ISBN: 978-981-33-4967-4
Online ISBN: 978-981-33-4968-1
eBook Packages: Intelligent Technologies and Robotics (R0)