Abstract
This paper presents an agent specially designed for the prevention and detection of SQL injection at the database layer of an application. The agent incorporates a Case-based reasoning mechanism whose main characteristic involves a mixture of neural networks that carry out the task of filtering attacks. The agent had been tested and the results obtained are presented in this study.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anley, C.: Advanced SQL Injection In SQL Server Applications (2002), http://www.nextgenss.com/papers/advanced-sql-injection.pdf
Halfond, W., Orso, A.: AMNESIA: analysis and monitoring for neutralizing SQL-injection attacks. In: ASE 2005: 20th IEEE/ACM international Conference on Automated software engineering, pp. 174–183. ACM, New York (2005)
Wassermann, G., Gould, C., Su, Z., Devanbu, P.: Static Checking of Dynamically Generated Queries in Database Applications. ACM Transactions on Software Engineering and Methodology 16, 14 (2007)
Valeur, F., Mutz, D., Vigna, G.: A Learning-Based Approach to the Detection of SQL Attacks. In: Julisch, K., Krügel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 123–140. Springer, Heidelberg (2005)
Corchado, J.M., Pavón, J., Corchado, E.S., Castillo, L.F.: Development of CBR-BDI Agents. In: Advances in Case-Based Reasoning. Springer, Heidelberg (2004)
Woolridge, M., Wooldridge, M.J.: Introduction to Multiagent Systems. John Wiley & Sons, New York (2002)
Corchado, J.M., Laza, R., Borrajo, L., De Luis, Y.A., Valiño, M.: Increasing the Autonomy of Deliberative Agents with a Case-Based Reasoning System. International Journal of Computational Intelligence and Applications 3(1), 101–118 (2003)
Fdez-Riverola, F., Iglesias, E.L., Daz, F., Méndez, J.R., Corchado, J.M.: SpamHunting: An instance-based reasoning system for spam labelling and filtering. Decision Support System 43(3), 722–736 (2007)
Ramasubramanian, P., Kannan, A.: Quickprop Neural Network Ensemble Forecasting a Database Intrusion Prediction System. Neural Information Processing 5, 847–852 (2004)
Huang, Y., Huang, S., Lin, T., Tsai, C.: Web application security assessment by fault injection and behavior monitoring, pp. 148–159. ACM, New York (2003)
Rietta, F.: Application layer intrusion detection for SQL injection. In: 44th annual Southeast regional conference, pp. 531–536. ACM, New York (2006)
Skaruz, J., Seredynski, F.: Recurrent neural networks towards detection of SQL attacks. In: Parallel and Distributed Processing Symposium, 2007. IPDPS 2007, pp. 1–8. IEEE International, Los Alamitos (2007)
Carrascosa, C., Bajo, J., Julian, V., Corchado, J.M., Botti, V.: Hybrid multi-agent architecture as a real-time problem-solving model. Expert System with Application 34, 2–17 (2008)
Kussul, N., Shelestov, A., Sidorenko, A., Skakun, S., Veremeenko, Y.: Intelligent multi-agent information security system, Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications. In: Proceedings of the Second IEEE International Workshop, pp. 120–122 (2003)
Abraham, A., Jain, R., Thomas, J., Han, S.Y.: D-SCIDS: distributed soft computing intrusion detection system. J. Netw. Comput. Appl. 30, 81–98 (2007)
Corchado, J.M., Bajo, J., Abraham, A.: GerAmi: Improving Healthcare Delivery in Geriatric Residences. Intelligent Systems 23, 19–25 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pinzón, C., De Paz, Y., Cano, R. (2008). Classification Agent-Based Techniques for Detecting Intrusions in Databases. In: Corchado, E., Abraham, A., Pedrycz, W. (eds) Hybrid Artificial Intelligence Systems. HAIS 2008. Lecture Notes in Computer Science(), vol 5271. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87656-4_7
Download citation
DOI: https://doi.org/10.1007/978-3-540-87656-4_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-87655-7
Online ISBN: 978-3-540-87656-4
eBook Packages: Computer ScienceComputer Science (R0)