RT info:eu-repo/semantics/article
T1 idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining
A1 Pinzón, Cristian
A1 De Paz, Juan F.
A1 Herrero Cosío, Álvaro
A1 Corchado Rodríguez, Emilio Santiago
A1 Bajo Pérez, Javier
A1 Corchado Rodríguez, Juan Manuel
K1 Computer Science
AB This study presents a multiagent architecture aimed at detecting SQL injection attacks, which are one of the most prevalent threats for modern databases. The proposed architecture is based on a hierarchical and distributed strategy where the functionalities are structured on layers. SQL-injection attacks, one of the most dangerous attacks to online databases, are the focus of this research. The agents in each one of the layers are specialized in specific tasks, such as data gathering, data classification, and visualization. This study presents two key agents under a hybrid architecture: a classifier agent that incorporates a Case-Based Reasoning engine employing advanced algorithms in the reasoning cycle stages, and a visualizer agent that integrates several techniques to facilitate the visual analysis of suspicious queries. The former incorporates a new classification model based on a mixture of a neural network and a Support Vector Machine in order to classify SQL queries in a reliable way. The latter combines clustering and neural projection techniques to support the visual analysis and identification of target attacks. The proposed approach was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented in this paper.
PB Elsevier BV
SN 0020-0255 (Print)
YR 2013
FD 2013
LK http://hdl.handle.net/10366/134339
UL http://hdl.handle.net/10366/134339
LA en
NO Information Sciences. Volumen 231, pp. 15-31. Elsevier BV.
DS Gestión del Repositorio Documental de la Universidad de Salamanca
RD 16-abr-2024