Correlation Approach for SQL Injection Attacks Detection

  • Michał Choraś
  • Rafał Kozik
  • Damian Puchalski
  • Witold Hołubowicz
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 189)


In this paper we prove that the correlation approach to SQL Injection Attacks allows improving results of such attacks detection. Moreover, we propose a novel method for SQLIA detection based on the genetic algorithm for determining anomalous queries. Experimental scenario is also described and the achieved results are reported.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Choraś, M., Kozik, R., Piotrowski, R., Brzostek, J., Hołubowicz, W.: Network Events Correlation for Federated Networks Protection System. In: Abramowicz, W., Llorente, I.M., Surridge, M., Zisman, A., Vayssière, J. (eds.) ServiceWave 2011. LNCS, vol. 6994, pp. 100–111. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Rao, T.K., Kum, G.Y., Reddy, E.K., Sharma, M.: Major Issues of Web Applications: A Case Study of SQL Injection. Journal of Current Computer Science and Technology 2(1), 16–20 (2012)Google Scholar
  3. 3.
    Halfond, W., Orso, A.: AMNESIA: Analysis and Monitoring for Neutralizing SQL-Injection Attacks. In: Proceedings of the 20th IEEEACM International Conference on Automated Software Engineering (2005)Google Scholar
  4. 4.
  5. 5.
    OWASP Top 10 – 2010, The Ten Most Critical Web Application Security Risks (2010)Google Scholar
  6. 6.
    Royal Navy Website Attacked by Romanian Hacker (2008),
  7. 7.
    Mills, E.: DSL Reports Says Member Information Stolen (2011)Google Scholar
  8. 8.
    Keizer, G.: Huge Web Hack Attack Infects 500,000 pages (2008)Google Scholar
  9. 9.
    Tajpour, A., JorJor Zade Shooshtari, M.: Evaluation of SQL Injection Detection and Prevention Techniques. In: CICSyN 2010 Second International Conference on Computational Intelligence, Communication Systems and Networks (2010)Google Scholar
  10. 10.
    Amirtahmasebi, K., Jalalinia, S.R., Khadem, S.: A Survey of SQL Injection Defense Mechanisms. In: ICITST International Conference for Internet Technology and Secured Transactions (2009)Google Scholar
  11. 11.
    Elia, I.A., Fonseca, J., Vieira, M.: Comparing SQL Injection Detection Tools Using Attack Injection: An Experimental Study. In: 2010 IEEE 21st International Symposium on Software Reliability Engineering (2010)Google Scholar
  12. 12.
    Needleman, S.B., Wunsch, C.D.: A General Method Applicable to the Search for Similarities in the Amino Acid Sequence of Two Proteins. Journal of Molecular Biology (1970)Google Scholar
  13. 13.
    Conrad, E.: Detecting Spam with Genetic Regular Expressions. SANS Institute InfoSec Reading Room (2007)Google Scholar
  14. 14.
    Kruegel, C., Toth, T., Kirda, E.: Service specific anomaly detection for network intrusion detection. In: Proc. of ACM Symposium on Applied Computing, pp. 201–208 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Michał Choraś
    • 1
    • 2
  • Rafał Kozik
    • 2
  • Damian Puchalski
    • 1
  • Witold Hołubowicz
    • 2
    • 3
  1. 1.ITTI Ltd.PoznańPoland
  2. 2.Institute of TelecommunicationsUT&LSBydgoszczPoland
  3. 3.Adam Mickiewicz UniversityPoznańPoland

Personalised recommendations