SQL injection detection system
- Publisher: Institutional Repository of Vilnius University
SQL injection detection system Programmers do not always ensure security of developed systems. That is why it is important to look for solutions outside being reliant on developers. In this work SQL injection detection system is proposed. The system analyzes HTTP request parameters and detects intrusions. It is based on unsupervised machine learning. Trained by regular request data system detects outlier user parameters. Since training is not reliant on previous knowledge of SQL injections, the system is able to detect unknown attacks. Experiments show that effectiveness of proposed system relies on diversity and features of training data. Keywords: SQL injection attacks, intrusion detection system, support vector machines, unsupervised machine learning.