Evaluation of various techniques for SQL injection attack detection

Abstract

The network technology has evolved significantly recently. The growing use of cloud services, increased number of users, novel mobile operating systems and changes in network infrastructures that connect devices make novel challenges for cyber security. In order to counter arising threats, network security mechanisms and protection schemes also evolve and use sophisticated sensors and methods. In our previous work [27] we have introduced an innovative evolutionary algorithm for modeling genuine SQL queries generated by web-application. In [28] we have investigated how the proposed algorithm can be combined together with other Off-The-Shelf solutions (like SNORT and SCALP tools) in order to increase the detection ratio of injection attacks. In this paper we have significantly extended our test suite. First of all, we have compared our method with new efficient solutions for injection attack detection. We have also deeply discussed the drawbacks and benefits of these solutions. We have also explained how the correlation techniques can be adapted in order to overcome these drawbacks without loosing high effectiveness. © Springer International Publishing Switzerland 2013.