Abstract
SQL injections consist in inserting keywords and special symbols in the parameters of SQL queries to gain illegitimate access to a database. They are usually identified by analyzing the input parameters and removing the special symbols. In the case of websites, due to the great amount of queries and parameters, it is very common to find parameters without checking that allow bad-intentioned users to introduce keywords and special symbols. This work proposes a distributed architecture based on multi-agent systems that is able to detect SQL injection attacks. The multi-agent architecture incorporates cased-based reasoning, neural networks and support vector machines in order to classify and visualize the queries, allowing the detection and identification of SQL injections. The approach has been tested and the experimental results are presented in this paper.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Halfond, W., Orso, A.: AMNESIA: Analysis and Monitoring for Neutralizing SQL-injection Attacks. In: 20th IEEE/ACM International Conference on Automated Software Engineering, pp. 174–183. ACM, New York (2005)
Valeur, F., Mutz, D., Vigna, G.: A Learning-Based Approach to the Detection of SQL Attacks. In: Julisch, K., Krügel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 123–140. Springer, Heidelberg (2005)
Rietta, F.: Application layer intrusion detection for SQL injection. In: 44th Annual Southeast Regional Conference, pp. 531–536. ACM, New York (2006)
Woolridge, M., Wooldridge, M.J.: Introduction to Multiagent Systems. John Wiley & Sons, Inc., New York (2002)
Laza, R., Pavon, R., Corchado, J.M.: A Reasoning Model for CBR_BDI Agents Using an Adaptable Fuzzy Inference System. In: Conejo, R., Urretavizcaya, M., Pérez-de-la-Cruz, J.-L. (eds.) CAEPIA/TTIA 2003. LNCS (LNAI), vol. 3040, pp. 96–106. Springer, Heidelberg (2004)
Anley, C.: Advanced SQL Injection In SQL Server Applications (2002), http://www.ngssoftware.com/papers/more_advanced_sql_injection.pdf
Christensen, A.S., Moller, A., Schwartzbach, M.I.: Precise Analysis of String Expressions. In: 10th International Static Analysis Symposium, pp. 1–18. Springer, Heidelberg (2003)
Su, Z., Wassermann, G.: The essence of command injection attacks in web applications. In: 33rd Annual Symposium on Principles of Programming Languages, pp. 372–382. ACM Press, New York (2006)
Huang, Y., Huang, S., Lin, T., Tsai, C.: Web application security assessment by fault injection and behavior monitoring. In: 12th International Conference on World Wide Web, pp. 148–159. ACM, New York (2003)
Ramasubramanian, P., Kannan, A.: Quickprop Neural Network Ensemble Forecasting a Database Intrusion Prediction System. In: 7th International Conference Artificial on Intelligence and Soft Computing, Neural Information Processing, vol. 5, pp. 847–852 (2004)
Corchado, J.M., Bajo, J., Abraham, A.: GerAmi: Improving Healthcare Delivery in Geriatric Residences. In: Intelligent Systems, vol. 23, pp. 19–25. IEEE, Los Alamitos (2008)
Vapnik, V.N.: An overview of statistical learning theory. IEEE Transactions on Neural Networks 10, 988–999 (1999)
Corchado, J.M., Laza, R.: Constructing deliberative agents with case-based reasoning technology. International Journal of Intelligent Systems 18, 1227–1241 (2003)
Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion detection using an ensemble of intelligent paradigms. Journal of Network and Computer Applications 28(2), 167–182 (2005)
Fritzke, B.: A Growing Neural Gas Network Learns Topologies. In: Advances in Neural Information Processing Systems, vol. 7, MIT Press, Cambridge (1995)
Herrero, Á., Corchado, E., Sáiz, L., Abraham, A.: DIPKIP: A Connectionist Knowledge Management System to Identify Knowledge Deficits in Practical Cases. Computational Intelligence 26(1), 26–56 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pinzón, C., De Paz, J.F., Herrero, Á., Corchado, E., Bajo, J. (2010). A Distributed Hierarchical Multi-agent Architecture for Detecting Injections in SQL Queries. In: Herrero, Á., Corchado, E., Redondo, C., Alonso, Á. (eds) Computational Intelligence in Security for Information Systems 2010. Advances in Intelligent and Soft Computing, vol 85. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16626-6_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-16626-6_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16625-9
Online ISBN: 978-3-642-16626-6
eBook Packages: EngineeringEngineering (R0)