On automatic detection of SQL injection attacks by the feature extraction of the single character

The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. However, a new attack method that is not included by the black list has still been developed. In this paper, we proposed the detecting method based on single character, and show the effectiveness of the proposed method experimentally using both attack and normal samples.

Перевод пока недоступен