Please use this identifier to cite or link to this item:
idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining: Profile on PlumX
Title: idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining
Authors: Pinzón, Cristian
Paz Santana, Juan Francisco de
Herrero Cosío, Álvaro
Corchado Rodríguez, Emilio
Bajo Pérez, Javier
Corchado Rodríguez, Juan M.
Keywords: Computer Science
Issue Date: 2013
Publisher: Elsevier BV
Citation: Information Sciences. Volumen 231, pp. 15-31. Elsevier BV.
Abstract: This study presents a multiagent architecture aimed at detecting SQL injection attacks, which are one of the most prevalent threats for modern databases. The proposed architecture is based on a hierarchical and distributed strategy where the functionalities are structured on layers. SQL-injection attacks, one of the most dangerous attacks to online databases, are the focus of this research. The agents in each one of the layers are specialized in specific tasks, such as data gathering, data classification, and visualization. This study presents two key agents under a hybrid architecture: a classifier agent that incorporates a Case-Based Reasoning engine employing advanced algorithms in the reasoning cycle stages, and a visualizer agent that integrates several techniques to facilitate the visual analysis of suspicious queries. The former incorporates a new classification model based on a mixture of a neural network and a Support Vector Machine in order to classify SQL queries in a reliable way. The latter combines clustering and neural projection techniques to support the visual analysis and identification of target attacks. The proposed approach was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented in this paper.
ISSN: 0020-0255 (Print)
Appears in Collections:BISITE. Artículos de revista

This item is is subject to a Creative Commons License