Classification Agent-Based Techniques for Detecting Intrusions in Databases

  • Cristian Pinzón
  • Yanira De Paz
  • Rosa Cano
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5271)

Abstract

This paper presents an agent specially designed for the prevention and detection of SQL injection at the database layer of an application. The agent incorporates a Case-based reasoning mechanism whose main characteristic involves a mixture of neural networks that carry out the task of filtering attacks. The agent had been tested and the results obtained are presented in this study.

Keywords

SQL injection multiagent systems case-based reasoning neural networks 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anley, C.: Advanced SQL Injection In SQL Server Applications (2002), http://www.nextgenss.com/papers/advanced-sql-injection.pdf
  2. 2.
    Halfond, W., Orso, A.: AMNESIA: analysis and monitoring for neutralizing SQL-injection attacks. In: ASE 2005: 20th IEEE/ACM international Conference on Automated software engineering, pp. 174–183. ACM, New York (2005)CrossRefGoogle Scholar
  3. 3.
    Wassermann, G., Gould, C., Su, Z., Devanbu, P.: Static Checking of Dynamically Generated Queries in Database Applications. ACM Transactions on Software Engineering and Methodology 16, 14 (2007)CrossRefGoogle Scholar
  4. 4.
    Valeur, F., Mutz, D., Vigna, G.: A Learning-Based Approach to the Detection of SQL Attacks. In: Julisch, K., Krügel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 123–140. Springer, Heidelberg (2005)Google Scholar
  5. 5.
    Corchado, J.M., Pavón, J., Corchado, E.S., Castillo, L.F.: Development of CBR-BDI Agents. In: Advances in Case-Based Reasoning. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Woolridge, M., Wooldridge, M.J.: Introduction to Multiagent Systems. John Wiley & Sons, New York (2002)Google Scholar
  7. 7.
    Corchado, J.M., Laza, R., Borrajo, L., De Luis, Y.A., Valiño, M.: Increasing the Autonomy of Deliberative Agents with a Case-Based Reasoning System. International Journal of Computational Intelligence and Applications 3(1), 101–118 (2003)CrossRefGoogle Scholar
  8. 8.
    Fdez-Riverola, F., Iglesias, E.L., Daz, F., Méndez, J.R., Corchado, J.M.: SpamHunting: An instance-based reasoning system for spam labelling and filtering. Decision Support System 43(3), 722–736 (2007)CrossRefGoogle Scholar
  9. 9.
    Ramasubramanian, P., Kannan, A.: Quickprop Neural Network Ensemble Forecasting a Database Intrusion Prediction System. Neural Information Processing 5, 847–852 (2004)Google Scholar
  10. 10.
    Huang, Y., Huang, S., Lin, T., Tsai, C.: Web application security assessment by fault injection and behavior monitoring, pp. 148–159. ACM, New York (2003)Google Scholar
  11. 11.
    Rietta, F.: Application layer intrusion detection for SQL injection. In: 44th annual Southeast regional conference, pp. 531–536. ACM, New York (2006)CrossRefGoogle Scholar
  12. 12.
    Skaruz, J., Seredynski, F.: Recurrent neural networks towards detection of SQL attacks. In: Parallel and Distributed Processing Symposium, 2007. IPDPS 2007, pp. 1–8. IEEE International, Los Alamitos (2007)CrossRefGoogle Scholar
  13. 13.
    Carrascosa, C., Bajo, J., Julian, V., Corchado, J.M., Botti, V.: Hybrid multi-agent architecture as a real-time problem-solving model. Expert System with Application 34, 2–17 (2008)CrossRefGoogle Scholar
  14. 14.
    Kussul, N., Shelestov, A., Sidorenko, A., Skakun, S., Veremeenko, Y.: Intelligent multi-agent information security system, Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications. In: Proceedings of the Second IEEE International Workshop, pp. 120–122 (2003)Google Scholar
  15. 15.
    Abraham, A., Jain, R., Thomas, J., Han, S.Y.: D-SCIDS: distributed soft computing intrusion detection system. J. Netw. Comput. Appl. 30, 81–98 (2007)CrossRefGoogle Scholar
  16. 16.
    Corchado, J.M., Bajo, J., Abraham, A.: GerAmi: Improving Healthcare Delivery in Geriatric Residences. Intelligent Systems 23, 19–25 (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Cristian Pinzón
    • 1
  • Yanira De Paz
    • 2
  • Rosa Cano
    • 3
  1. 1.Universidad Tecnológica de PanamáBatistaPanama
  2. 2.Universidad Europea de MadridVillaviciosa de OdónSpain
  3. 3.Instituto Tecnológico de ColimaMexico

Personalised recommendations