Fixed Attribute Value Removal Method and Anomaly Based Profiled Method, An SQLi Detection Effectiveness Study

Bibliographic Details
Published in 2021 International Conference on Data Science and Its Applications (ICoDSA) pp. 72 - 78
Main Authors Kamaruzman, Shamsul Alam; Isnin, Ismail Fauzi; Din, Mazura Mat
Format Conference Proceeding
Language English
Published IEEE 06.10.2021
DOI 10.1109/ICoDSA53588.2021.9617523

Summary: In this work, the performance of two existing SQL injection detection methods is compared and analysed together. The first existing method uses the removal of SQL query attribute values, and the other uses a database profiling technique to detect malicious SQL queries in SQL injection attacks. Both detection method algorithms are implemented and tested using SQL query logs generated from the DVWA and Mutillidae web applications. Analysis and evaluation of the experimental results showed that the detection method based on the considered database profiling method is much more flexible and more effective. Nevertheless, it was found that the former method still has some room for improvement. Therefore, an improvement to the former method is proposed that increases the effectiveness of the method in distinguishing non-malicious queries from malicious queries during the SQL injection detection process.