
SQL Injection Attack Detection: Profiling of Web Application Parameter Using the Sequence Pairwise Alignment

  • Jae-Chul Park
  • Bong-Nam Noh
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4298)

Abstract

Web applications employing database-driven content have become widely deployed on the Internet, and organizations use them to provide a broad range of services to people. Along with their growing deployment, there has been a surge in attacks that target these applications. One type of attack in particular, SQL injection, is especially harmful. SQL injections can give attackers direct access to the database underlying an application and allow them to leak confidential or even sensitive information. SQL injection is able to evade or bypass an IDS or firewall in various ways, so detection systems based on regular expressions or predefined signatures cannot prevent SQL injection effectively. We present a detection model for SQL injection that applies pairwise sequence alignment to amino acid codes formulated from the web application parameters sent via the web server. An experiment shows that our method detects SQL injection, including previously unknown attacks as well as variations of known attacks.
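As an added illustration of the approach the abstract describes (this is not the paper's code, and the character-class-to-letter mapping, the scoring parameters, the threshold and the sample values are all assumptions made here): each parameter value is encoded into a short letter alphabet in the spirit of the "amino acid code", globally aligned (Needleman-Wunsch) against encoded samples of normal traffic for that parameter, and flagged when its best normalised similarity falls below a threshold.

```python
"""Profiling a web parameter with pairwise sequence alignment (illustrative)."""
from typing import Iterable

# Assumed mapping of character classes to letters; the paper's own mapping
# is not reproduced here.
def encode(value: str) -> str:
    out = []
    for ch in value:
        if ch.isdigit():
            out.append("D")
        elif ch.isalpha():
            out.append("A")
        elif ch.isspace():
            out.append("S")
        elif ch in "'\"":
            out.append("Q")      # quote characters
        elif ch in "-#/*;":
            out.append("C")      # comment markers / statement terminators
        elif ch in "=<>":
            out.append("O")      # comparison operators
        else:
            out.append("P")      # any other punctuation
    return "".join(out)

def needleman_wunsch(a: str, b: str, match=1, mismatch=-1, gap=-1) -> int:
    """Global alignment score with a linear gap penalty (two-row DP)."""
    n, m = len(a), len(b)
    prev = [j * gap for j in range(m + 1)]
    for i in range(1, n + 1):
        cur = [i * gap] + [0] * m
        for j in range(1, m + 1):
            diag = prev[j - 1] + (match if a[i - 1] == b[j - 1] else mismatch)
            cur[j] = max(diag, prev[j] + gap, cur[j - 1] + gap)
        prev = cur
    return prev[m]

def similarity(a: str, b: str) -> float:
    """Alignment score normalised by the longer sequence, so it lies in [-1, 1]."""
    return needleman_wunsch(a, b) / max(len(a), len(b), 1)

def profile_score(value: str, profile: Iterable[str]) -> float:
    """Best similarity of the encoded value to any encoded normal sample."""
    enc = encode(value)
    return max(similarity(enc, encode(p)) for p in profile)

def is_anomalous(value: str, profile: Iterable[str], threshold: float = 0.5) -> bool:
    return profile_score(value, profile) < threshold

# Constructed normal samples for a hypothetical "userid" parameter.
NORMAL_USERID = ["alice", "bob42", "carol_7", "dave2005"]

if __name__ == "__main__":
    for v in ["erin99", "' OR 1=1 --"]:
        print(repr(v), encode(v), round(profile_score(v, NORMAL_USERID), 2),
              is_anomalous(v, NORMAL_USERID))
```

A real profile would be learned per parameter from a training period of benign requests, and the threshold chosen against its observed score distribution.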

Keywords

Web Application Security, SQL Injection Attack, Web Application Parameter, Pairwise Sequence Alignment



Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Jae-Chul Park (1)
  • Bong-Nam Noh (2)
  1. Interdisciplinary Program of Information Security, Chonnam National University, 500-757, Gwangju, Korea
  2. Div. of Electronics Computer & Information Engineering, Chonnam National University, 500-757, Gwangju, Korea
