Detection of SQL Injection Using a Genetic Fuzzy Classifier System
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2016, Vol 7, Issue 6
Abstract
SQL Injection (SQLI) is one of the most popular vulnerabilities of web applications. The consequences of SQL injection attack include the possibility of stealing sensitive information or bypassing authentication procedures. SQL injection attacks have different forms and variations. One difficulty in detecting malicious attacks is that such attacks do not have a specific pattern. A new fuzzy rule-based classification system (FBRCS) can tackle the requirements of the current stage of security measures. This paper proposes a genetic fuzzy system for detection of SQLI where not only the accuracy is a priority, but also the learning and the flexibility of the obtained rules. To create the rules having high generalization capabilities, our algorithm builds on initial rules, data-dependent parameters, and an enhancing function that modifies the rule evaluation measures. The enhancing function helps to assess the candidate rules more effectively based on decision subspace. The proposed system has been evaluated using a number of well-known data sets. Results show a significant enhancement in the detection procedure
Authors and Affiliations
Christine Basta, Ahmed elfatatry, Saad Darwish
Keywords
Related Articles
- EP ID EP112470
- DOI 10.14569/IJACSA.2016.070616
- Views 123
- Downloads 0
Standard Positioning Performance Evaluation of a Single-Frequency GPS Receiver Implementing Ionospheric and Tropospheric Error Corrections
This paper evaluates the positioning performance of a single-frequency software GPS receiver using Ionospheric and Tropospheric corrections. While a dual-frequency user has the ability to eliminate the ionosphere error b...
Studying Data Mining and Data Warehousing with Different E-Learning System
Data Mining and Data Warehousing are two most significant techniques for pattern detection and concentrated data management in present technology. ELearning is one of the most important applications of data mining. The f...
Ontology for Academic Program Accreditation
Many educational institutions are adopting national and international accreditation programs to improve teaching, student learning, and curriculum. There is a growing demand across higher education for automation and hel...
Network Packet Classification using Neural Network based on Training Function and Hidden Layer Neuron Number Variation
Distributed denial of service (DDoS) is a structured network attack coming from various sources and fused to form a large packet stream. DDoS packet stream pattern behaves as normal packet stream pattern and very difficu...
Healthcare Management using ICT and IoT based 5G
In healthcare management, all patients need to be looked after properly with the latest technology. Although treatment facilities of healthcare management are available wirelessly, many treatments are still pending and d...