Locus Assignments
hemburger_close

Detection Model for SQL Injection Attacks

Home
breadCrumb image
Detection Model for SQL Injection Attacks
Title -
Detection model for sql injection attacks
Summary -
This dissertation proposes a model for detecting SQL injection attacks and web vulnerabilities, aiding administrators in network monitoring and mitigation.
Other Categories

Download


Interim report

Detection model for SQL injection attack; an approach for preventing data loss.

















Student name:

Student ID:



Project Summary and Specifications

Throughout the modern technological era, the utilisation of internet could be regarded as to have become a significant as well as a crucial part about the daily lives of any individual. The utilisation of internet could be identified to be carried out regarding the conducting of almost any and every task which further includes the conducting of effective learning throughout many schools as well as any individual educational institutes, also the utilisation of internet could also be experience throughout any major or small-scale businesses as well as throughout the field of social networking. Due to the fact that the internet has indeed becoming significantly important throughout the various fields, it is also utilised as a medium towards transferring of various files as well as the storage of crucial or important data. The four various individuals who were termed as hackers are capable of disrupting the entire piece through the utilisation of Internet in a negative manner or aspect. The handling of the network security has been usually identified towards being carried out by the employed network administrator about any organisation which implements any security policy. The major reason behind the implementation of network security throughout any organisation or business could be explained as towards the protection of the respective network along with the resources from getting illegally or unauthorised access by any unidentified user along with implementing assurance for the three major goals comprised within the aspect of security, namely the integrity as well as availability along with the confidentiality of the respective stored data and information (Li et al., 2017).

The term WORLD WIDE WEB could be regarded as among the various approaches towards getting accessibility towards the information through the utilisation of internet. This is due to the fact that the hypertext transfer protocol otherwise commonly referred to as the http request has been known to conduct throughout the internet along with being utilised by the world wide web towards the transmission of any data or information by the medium of internet. The hypertext transfer protocol has been properly utilised by each and every webservice in attempts towards let in any application to establish efficient communication with one another regarding the sharing of any business logic. Whether utilisation of any web browser the user is capable of accessing each of the web documents which could be referred to as the web pages. These webpages might contain information in the form of text as well as videos or sound and images along with comprising of various multimedia components which might be added to find towards being linked with each other via the implementation of hyperlinks. Among the most crucial components throughout any web is that of the uniform resource locator, otherwise commonly referred to as URL. Every website or any web application available on the Internet or web comprises of their own unique URL, thus making the entire procedure regarding the searching of any specific website or web application significantly easier (Chen and Guo, 2018).

Vulnerabilities

The vulnerabilities throughout a system or an established network for any organisation could be explained as the various week aspects which are susceptible towards being exploited by any attacker so as to take advantage and obtain the unauthorised access ability towards the respective target network or machine. There are numerous vulnerabilities which can be identified throughout various respective networks established throughout any business or organisation. But still there are the three major common vulnerabilities which could be identified throughout any web-based application or any web-based service employed by any organisation or business. These vulnerabilities could be identified throughout the structured query language otherwise commonly referred to as SQL injection, along with the utilisation of cross site scripting as well as the buffer overflow.

The security attack referred to as the SQL injection could be explained as the attack to out with their respective attacker implements various SQL commands throughout the form as well as the parameter values. After which it carries out the exploitation by the utilisation of the SQL queries to of the respective website or the web-based application. The cross-site scripting could be referred to as the attack which is capable of exploiting the respective information on the network of any organisation or business by the utilisation of JavaScript throughout the respective web service. The respective JavaScript utilised by the attacker would be a collection of various codes that would be downloaded into that of the browser utilised by the target user so as to enable the form submission. Due to the fact that the various types of crucial as well as confidential information is comprised within the respective form and to be submitted upon the respective network by the utilisation of internet, it becomes significantly easier for the respective attacker towards stealing their respective information by the utilisation of cross site scripting. The buffer overflow can't be explained as the exploitation which is implemented throughout the memory allocation so as to attack certain web-based application or website by making it massive.

This particular study draws attention to a proposed model to be implemented for the detection of SQL injection attacks along with the various web-based vulnerabilities by the identification of any suspicious of the defined vulnerability criteria. The motivation behind doing so is to provide assistance to the various types of administrators as well as the team employed by any organisation or business towards monitoring their respective network so as to efficiently identify the scenario or situation where SQL injection attack is occurring along with implementing the respective of corresponding mitigation procedures towards protecting their vulnerable aspects as well as their crucial information.



Literature review

Upon reviewing the research presented by the authors (Li et al., 2017), it was identified that the authors presented their particular study regarding the various pressures of the rapid iteration identified throughout the procedure of area software development along with the implementation of security issues. It was presented by the authors that the employment of detailed as well as efficient security issues is sometimes not taken under consideration due to the lacking of network security awareness. In lieu of this, the authors felt the motivation towards presenting their respective study as well as a contribution towards the field of security awareness along with the development of effective model which is capable of detecting the situation where an SQL injection attack is occurring.

With reverence to this, the authors presented that the model to be developed would be based upon the Markov model so as to efficiently detect and analyse the various behavioural patterns regarding the various users along with the discovery towards the behaviour of any web attack, along with the recognition of the bracket sequences which are transmitted by the DDOS attacker. It was presented that the respective model by the name of Markov model is indicate capable of proposing a finite dimensional control scheme for the various type of dynamic risks regarding any targeted system along with implementing optimisation towards the detection model so as to identify the DDOS attacks. The authors further presented with accordance to the various records found upon the web server, that the Markov model could also be applied towards the modelling of user behaviour throughout various significant sites. The hypertext transfer protocol, when flooded with various attacks towards some extent, could also experience benefits by the application of Markov model throughout the respective established network regarding the modelling of user behaviour.

With regards to contributing to this particular field of study, the authors presented the following operations throughout the presented paper:

  • Automated technique developed on the basis of HMM along with the customised log so as to analyse as well as detect the SQLIAs along with the second order SQLIAs along with discussions regarding various attacks which are quite similar with respect to the risky behaviour of SQL injection.

  • The authors also put forward a detailed theory regarding the entire behaviour unit throughout the log processing along with the insides regarding how it could implement protection throughout the intent of the user along with experience in reduction throughout the error rate in the classification procedure.

  • A detail and a novel method towards the Restoration of browsing history of any user by the analysis of the respective user's clicking sequence. It was also presented that this particular procedure would not be affected by any of the interference with respect to the proxy servers as well as the firewalls.

Web user behaviour model

The others initiated their development methodology by carrying out the first and foremost procedure of developing a model capable of efficiently analysing the user behaviour as upon the world wide web. It was identified that the users were centred at the browsing behaviour of any user is basically done regarding the click operations along with the intention of the user could also be determined by the delivery of the web page transition throughout the specified period of time. Therefore, the authors moved on towards extracting the contents from any respective website such as its structure along with the hyperlinks provided within it as well as the objects so as to efficiently initialise the various parameters required for the HMM.

Figure 1 User Clicking Behaviour Model

The authors then carried out various algorithm operations regarding the application of effective HMM model. Which was followed by the initialisation of their experiment by carrying out effective data collection (AL-Maliki and Jasim, 2022).

Figure 2 User clicking output model

Data collection

The procedure of Data collection was carried out by the authors by establishing a simulation for the various types of behavioural patterns for every user regarding their browsing history on various websites. This was carried out by using WebTop, which is an open-source website utilised for shopping and was developed upon the basis of PHP language.

The first operation carried out by the authors was the analysis of the respective website along with developing a comprehensive model which the comprised of collection throughout every page along with the retained statistics which were in a retail format concerning the multiple pages for the link type (Jemal et al., 2020).

The authors then further utilised and implemented the operations of reducing the data name is along with retaining as well as implementing transformations which were followed by the conducting of the experimental environment as well as various other procedures. This finally concluded as the authors obtained the various results along with carrying out their analysis concerning whether or not they can analyse the attackers upon the basis of the distribution throughout every visiting page, whose data has been extracted collected depending upon the behavioural analysis of the user regarding the visiting of websites.



Progress to date

Cleanse and validate Freeform user input

This was the most significant step conducted regarding the prevention of SQL injection attacks. Any type of data or information which is presented by the user, via web form, files an API, or any other type of application requires the necessity towards getting cleansed as well as validated. This procedure would carry out the verification of the user’s inputs regarding an invalid character as well as unacceptable length, or some other anomaly before conducting the processing as well as storing it.

Figure 3 Example for Cleansing and validation of freeform

In the above-presented data, the respective form not only disapprove of the respective bogus data but also presented a significant error message regarding why the respective input which was provided is unacceptable.

Remove Freeform User input whenever the possibility presents itself.

The easiest approach towards the prevention of SQL injection from that of the form fields is to implement the removal of the user's freedom towards entering whatever they would like to. This is to be carried out while presenting the users with additional options which might seem to be a noble thing to do. Whenever the possibility presents itself the utilisation of dropdown when used as well as radio buttons or any other type of input method should also be provided to the users throughout the presented list of options. The customisable options could indeed be easily developed through the utilisation of configuration settings or the preferences of the users.

The most significant aspect in this step was that the removal of the free form fields indeed introduced a significant reduction throughout the number of places at which the SQL injection would indeed target them. As a bonus, the removal of the freeform fields also covered simplification throughout the code along with increment throughout the entire stability.

Validation of data Before processing

The validation of data along with the locking of results allowed towards ensuring that only the valid data would be retained throughout the table. As a result of this, the logging of validated errors was indeed also carried out which assisted the developer section towards implementing research along with improving the entire code with time. Implementing the further procedure at a higher level was carried out as an addition to the validation of data. Throughout this, various aspects were taken under consideration that the validated data , as well as the matrix-like that of table row, counts as well as the size of the data along with the utilisation modifications throughout the time. This was capable of pointing out scenarios throughout which the data has the possibility of growing unacceptable fast along with assisting towards the pinpointing of any issue before its occurrence (Xie et al., 2019).

Ensure Error should not User-facing

The implementation of this study was carried out as an ideal scenario to out which the errors are susceptible towards getting caught along with handling gracefully throughout every level of the respective website or web-based application. Sensitive TSQL was also executed by the utilisation of try and catch blocks. This presented the immediate about it was responding to the various exceptions before their entering in the respective code of the website or the web-based application.

Activity or operation conducted

Duration spent

Cleanse and validate Freeform user input

2-3 days

Remove Freeform User input whenever the possibility presents itself.

3 days

Validation of data Before processing

3-4 days

Ensure Error should not User-facing

3 days



Planned Work

The utilisation of stored procedures for abstracting Business Logic

The stored procedure is used in structured query language for saving a query that is to be used upon a frequent basis regarding the database and it is used in the abstraction of business logic.

The utilisation of LIKE operator in a careful manner

The LIKE operator in structured query language is used to find similar kinds of data in search. Generally, it is used to find a specific pattern in SQL.

Limited utilisation of xp_cmdshell along with other Extended retained processes

The XP command shell is a specific user command which is used to find and perform extended stored procedure which is helpful in creating a window and it is being run under directory account.

Carry out penetration test

The penetrate test is being carried out so that cross site scripting and application attacks can be prevented and to uncover target vulnerability these penetrating testing are done.

Review the written Code

The kind of code present different steps which are involved in software development process. It also consists of providing idea about different aspects related to security and performance and application development which are required to be obtained (Chen et al., 2021).

Activity or operation conducted

Duration spent

The utilisation of stored procedures for abstracting Business Logic

2-3 days

The utilisation of LIKE operator in a careful manner

2-3 days

Limited utilisation of xp_cmdshell along with other Extended retained processes.

4-5 days

Carry out penetration test

3 days

Review the written Code

2 days





References

Li, P., Liu, L., Xu, J., Yang, H., Yuan, L., Guo, C. and Ji, X., 2017, July. Application of hidden Markov model in SQL injection detection. In 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC) (Vol. 2, pp. 578-583). IEEE. DOI 10.1109/COMPSAC.2017.64

Chen, Z. and Guo, M., 2018. Research on SQL injection detection technology based on SVM. In MATEC web of conferences (Vol. 173, p. 01004). EDP Sciences. https://doi.org/10.1051/matecconf/201817301004

Jemal, I., Cheikhrouhou, O., Hamam, H. and Mahfoudhi, A., 2020. Sql injection attack detection and prevention techniques using machine learning. International Journal of Applied Engineering Research, 15(6), pp.569-580. https://www.researchgate.net/profile/Omar-Cheikhrouhou/publication/342734749_SQL_Injection_Attack_Detection_and_Prevention_Techniques_Using_Machine_Learning/links/5f0415d4458515505091b1ec/SQL-Injection-Attack-Detection-and-Prevention-Techniques-Using-Machine-Learning.pdf

Xie, X., Ren, C., Fu, Y., Xu, J. and Guo, J., 2019. Sql injection detection for web applications based on elastic-pooling cnn. IEEE Access, 7, pp.151475-151481. Doi:10.1109/ACCESS.2019.2947527

Chen, D., Yan, Q., Wu, C. and Zhao, J., 2021. Sql injection attack detection and prevention techniques using deep learning. In Journal of Physics: Conference Series (Vol. 1757, No. 1, p. 012055). IOP Publishing. doi:10.1088/1742-6596/1757/1/012055

AL-Maliki, M.H.A. and Jasim, M.N., 2022. Review of SQL injection attacks: Detection, to enhance the security of the website from client-side attacks. International Journal of Nonlinear Analysis and Applications. http://dx.doi.org/10.22075/ijnaa.2022.6152

6


footer_logo
  • Solution to Every Assignment
    We have established a strong reputation
    in online education and tutoring services.
    • Useful Links
    Policies
    Assignment By Countries
    • No countries available
    Newsletter
    Connect With Us
    facebook_mediatwitter_media
  • Copyright ©2012-25 Zucol Services PVT LTD. All Rights Reserved
  • Locus Assignments provides samples for guidance and reference purposes only. The company will not take any responsibility for any type of academic misconduct done by an individual.
    • dmca_protected
    copyscape_image
    FAQ's