Skip to Main content Skip to Navigation
Conference papers

Hybrid Approach to Detect SQLi Attacks and Evasion Techniques

Abstract : —Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications[1]. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our model is a hybrid Injection Prevention System (HIPS) which uses both a machine learning classifier and a pattern matching inspection engine based on reduced sets of security rules.
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download
Contributor : Abdelhamid Makiou <>
Submitted on : Thursday, April 2, 2015 - 12:05:20 PM
Last modification on : Friday, July 31, 2020 - 10:44:08 AM
Long-term archiving on: : Friday, July 3, 2015 - 10:26:42 AM


Hybrid SQLi_Clo2014_Short_Pape...
Files produced by the author(s)




Abdelhamid Makiou, Youcef Begriche, Ahmed Serhrouchni. Hybrid Approach to Detect SQLi Attacks and Evasion Techniques. Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2014, Oct 2014, Miami, United States. pp.452-456, ⟨10.4108/icst.collaboratecom.2014.257568⟩. ⟨hal-01138604⟩



Record views


Files downloads