Improving Web Application Firewalls to detect advanced SQL injection attacks - Equipe Cybersecurity for Communication and Networking Accéder directement au contenu
Communication Dans Un Congrès Année : 2014

Improving Web Application Firewalls to detect advanced SQL injection attacks

Résumé

Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules. Our Web Application Firewall architecture aims to optimize detection performances by using a prediction module that excludes legitimate requests from the inspection process.
Fichier principal
Vignette du fichier
07064617.pdf (728.16 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01137542 , version 1 (31-03-2015)

Identifiants

Citer

Abdelhamid Makiou, Youcef Begriche, Ahmed Serhrouchni. Improving Web Application Firewalls to detect advanced SQL injection attacks. Information Assurance and Security (IAS), 2014 10th International Conference on, University of Okinawa, Japan, Nov 2014, OKINAWA, Japan. pp.35-40, ⟨10.1109/ISIAS.2014.7064617⟩. ⟨hal-01137542⟩
438 Consultations
2181 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More