Database security : combining neural networks and classification approach

• Autorzy: Skaruz Jarosław

Identyfikatory

DOI

10.34739/si.2019.23.06

• Języki publikacji: EN

Abstrakty

EN

In the paper we present a new approach based on application of neural networks to detect SQL attacks. SQL attacks are those attacks that take the advantage of using SQL statements to be performed. The problem of detection of this class of attacks is transformed to time series prediction problem. SQL queries are used as a source of events in a protected environment. To differentiate between normal SQL queries and those sent by an attacker, we divide SQL statements into tokens and pass them to our detection system, which predicts the next token, taking into account previously seen tokens. In the learning phase tokens are passed to a recurrent neural network (RNN) trained by backpropagation through time (BPTT) algorithm. Then, two coefficients of the rule are evaluated. The rule is used to interpret RNN output. In the testing phase RNN with the rule is examined against attacks and legal data to find out how evaluated rule affects efficiency of detecting attacks. All experiments were conducted on Jordan network. Experimental results show the relationship between the rule and a length of SQL queries.

Słowa kluczowe

EN

database; security; anomaly detection; neural networks

• Wydawca: Wydawnictwo Uniwersytetu Przyrodniczo-Humanistycznego w Siedlcach
• Czasopismo: Studia Informatica : systems and information technology
• Rocznik: 2019
• Tom: Vol. 1-2(23)
• Strony: 95--115
• Opis fizyczny: Bibliogr. 18 poz., tab., wykr.

Twórcy

autor

Skaruz Jarosław

• Siedlce University of Natural Sciences and Humanities, Faculty of Exact and Natural Sciences, Institute of Computer Science, ul. 3 Maja 54, 08-110 Siedlce, Poland

Bibliografia

• [1] Almgren M., Debar H., Dacier M.: A lightweight tool for detecting web server attacks, In Proceedings of the ISOC Symposium on Network and Distributed Systems Security, 2000.
• [2] Drake P.R., Miller K.A.: Improved Self-Feedback Gain in the Context Layer of a Modified Elman Neural Network, Mathematical and Computer Modelling of Dynamical Systems, 2002, pp. 307-311.
• [3] Ghosh A. K., Michael C., Schatz M.: A Real-Time Intrusion Detection System Based on Learning Program Behaviour, Recent Advances in Intrusion Detection, Springer, LNCS, 2000, pp. 93-109.
• [4] Kendall M., Ord J.: Time Series, third edition, 1999.
• [5] Kruegel C., Vigna G.: Anomaly Detection of Web-based Attacks, Proceedings of the 10th ACM Conference on Computer and Communication Security (CCS '03), 2003, pp. 251-261.
• [6] Lin T., Horne B.G., Tino P., Giles C.L.: Learning long-term dependencies in NARX recurrent neural networks, IEEE Transactions on Neural Networks, 1996, pp. 1329.
• [7] Nunn I., White T.: The Application of Antigenic Search Techniques to Time Series Forecasting, In Proceedings of the Genetic and Evolutionary Computation Conference (GECCO), USA, 2005.
• [8] Pollock D.: A Handbook of Time-Series Analysis, Signal Processing and Dynamics, Academic Press, London, 1999.
• [9] Ramadas M., OsterMann S., Tjaden B.: Detecting Anomalous Network Traffic with Selforganizaing Maps, Recent Advances in Intrusion Detection, Springer, LNCS, 2003, pp. 36-55.
• [10] Skaruz J., Seredyński F., Bouvry P.: Tracing SQL Attacks via Neural Networks, Parallel Processing and Applied Mathematics, Springer, LNCS, 2007.
• [11] Tan K.M.C., Killourhy K.S., Maxion R.A.: Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits, In Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection, 2002, pp. 54-73.
• [12] Werbos P. J.: Backpropagation Through Time: What It Does and How to Do It, in Proceedings of IEEE, Vol. 78, 1990, pp. 1550-1560.
• [13] Valeur F., Mutz D., Vigna G.: A Learning-Based Approach to the Detection of SQL Attacks, Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), Austria, 2005.
• [14] Internet source: http://securityfocus.com.
• [15] Khanuja H., Adane D. S.: Database Security Threats and Challenges in Database Forensic:A Survey, International Conference on Advancements in Information Technology With workshop of ICBMG, 2011.
• [16] Sabareesan M., Gobinathan N.: Network Database Security Issues and Defense, International Journal of Engineering Research and Applications, Vol. 3, Issue 1, 2013, pp. 1748-1752.
• [17] Almutairi A.H., Alruwaili A. H.: Security in Database Systems, Global Journal of Computer Science and Technology Network, Web & Security, Vol. 12, Issue 17, 2012.
• [18] Basharat I., Azam F., Muzaffar A. W.: Database Security and Encryption: A Survey Study, International Journal of Computer Applications, Vol. 47, No.12, 2012.