Skip to Main content Skip to Navigation
Conference papers

Improving Web Application Firewalls to detect advanced SQL injection attacks

Abstract : Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules. Our Web Application Firewall architecture aims to optimize detection performances by using a prediction module that excludes legitimate requests from the inspection process.
Complete list of metadata

Cited literature [8 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01137542
Contributor : Abdelhamid Makiou <>
Submitted on : Tuesday, March 31, 2015 - 9:57:18 AM
Last modification on : Friday, July 31, 2020 - 10:44:08 AM
Long-term archiving on: : Wednesday, July 1, 2015 - 11:41:44 AM

File

07064617.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Abdelhamid Makiou, Youcef Begriche, Ahmed Serhrouchni. Improving Web Application Firewalls to detect advanced SQL injection attacks. Information Assurance and Security (IAS), 2014 10th International Conference on, University of Okinawa, Japan, Nov 2014, OKINAWA, Japan. pp.35-40, ⟨10.1109/ISIAS.2014.7064617⟩. ⟨hal-01137542⟩

Share

Metrics

Record views

518

Files downloads

3110