On automatic detection of SQL injection attacks by the feature extraction of the single character
Sonoda MichioCyber University, Chiba, JapanTakeshi MatsudaCyber University, Tokyo, JapanDaiki KoizumiCyber University, Tokyo, JapanShigeichi HirasawaCyber University, Tokyo, Japan
2011en
ABI
Abstract
The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. However, a new attack method that is not included by the black list has still been developed. In this paper, we proposed the detecting method based on single character, and show the effectiveness of the proposed method experimentally using both attack and normal samples.
Identifiers
Citations and references
Cited by 20 references