SQLiGoT: Detecting SQL injection attacks using graph of tokens and SVM

Published in: Computers & security, Volume 60; pp. 206 - 225
Main authors: Kar, Debabrata; Panigrahi, Suvasini; Sundararajan, Srikanth
Format: Journal Article
Language: English
Publication details: Amsterdam Elsevier Ltd 01.07.2016
Elsevier Sequoia S.A
ISSN: 0167-4048, 1872-6208
Abstract: SQL injection attacks have been predominant on web databases for the last 15 years. Exploiting input validation flaws, attackers inject SQL code through the front-end of websites and steal data from the back-end databases. Detection of SQL injection attacks has been a challenging problem due to extreme heterogeneity of the attack vectors. In this paper, we present a novel approach to detect injection attacks by modeling SQL queries as a graph of tokens and using the centrality measure of nodes to train a Support Vector Machine (SVM). We explore different methods of creating token graphs and propose alternative designs of the system comprising single and multiple SVMs. The system is designed to work at the database firewall layer and can protect multiple web applications in a shared hosting scenario. Though we focus primarily on web applications developed with PHP and MySQL, the approach can be easily ported to other platforms. The experimental results demonstrate that this technique can effectively identify malicious SQL queries with negligible performance overhead.
Authors:
– Kar, Debabrata (ORCID: 0000-0003-4177-9527; email: debabrata.kar@silicon.ac.in), Department of Computer Science and Engineering, Silicon Institute of Technology, Bhubaneswar, India
– Panigrahi, Suvasini, Department of Computer Science & Engineering & IT, VSS University of Technology, Burla, Sambalpur, India
– Sundararajan, Srikanth, Indian Institute of Technology, Bhubaneswar, India
CODEN CPSEDU
ContentType Journal Article
Copyright 2016 Elsevier Ltd
Copyright Elsevier Sequoia S.A. Jul 2016
DOI 10.1016/j.cose.2016.04.005
Discipline Computer Science
EISSN 1872-6208
EndPage 225
ExternalDocumentID 4079097281
10_1016_j_cose_2016_04_005
S0167404816300451
Genre Feature
ISICitedReferencesCount 48
ISSN 0167-4048
IsPeerReviewed true
IsScholarly true
Keywords SQL injection attack
Query token graph
Node centrality
Support vector machine
SQL injection detection
Database firewall
Graph of tokens
Language English
ORCID 0000-0003-4177-9527
PageCount 20
PublicationDate July 2016
PublicationDateYYYYMMDD 2016-07-01
PublicationPlace Amsterdam
PublicationTitle Computers & security
PublicationYear 2016
Publisher Elsevier Ltd
Elsevier Sequoia S.A
References Kar, Panigrahi, Sundararajan (bib0130) 2015
Shahriar, North, Chen (bib0245) 2013
Maor, Shulman (bib0185) 2004
Kim, Lee (bib0140) 2014; 41
Boyd, Keromytis (bib0060) 2004
Choi, Kim, Choi, Kim (bib0080) 2011
Schölkopf, Smola (bib0240) 2001
Borgatti, Everett (bib0055) 2006; 28
Gauci, Henrique (bib0105) 2014
Lupták (bib0170) 2011
Jovanovic, Kruegel, Kirda (bib0125) 2006
Dahse (bib0095) 2010
Moosa (bib0200) 2010; 64
Chang, Lin (bib0075) 2011; 2
TrustWave (bib0265) 2013
Makiou, Begriche, Serhrouchni (bib0180) 2014
Ruse, Sarkar, Basu (bib0220) 2010
Bisht, Sistla, Venkatakrishnan (bib0035) 2010
TrustWave (bib0270) 2015
Wang, Li (bib9000) 2012; 6
Halfond, Viegas, Orso (bib0115) 2006
Cortes, Vapnik (bib0085) 1995; 20
Thomas, Williams, Xie (bib0260) 2009; 51
Palshikar (bib0205) 2007
Wang, Li (bib0290) 2012
Bockermann, Apel, Meier (bib0045) 2009
Kozik, Choraś (bib0145) 2014
Vigna, Valeur, Balzarotti, Robertson, Kruegel, Kirda (bib0275) 2009; 17
Bisht, Hinrichs, Skrupsky, Bobrowicz, Venkatakrishnan (bib0025) 2010
Long, Gardner, Brown (bib0160) 2011; vol. 2
Vishwanathan, Schraudolph, Kondor, Borgwardt (bib0280) 2010; 11
Shin, Williams, Xie (bib0250) 2006
Borgatti (bib0050) 2005; 27
Freeman (bib0100) 1979; 1
Quartini, Rondini (bib0215) 2011
Schmitt, Schinzel (bib0225) 2012
Wang, Do, Lin (bib0285) 2005
Le, Stavrou, Kang (bib0150) 2012; 9
Wei, Muthuprasanna, Kothari (bib0300) 2006
Buehrer, Weide, Sivilotti (bib0065) 2005
Mihalcea, Radev (bib0195) 2011
Benedikt, Freire, Godefroid (bib0015) 2002
Halfond, Orso (bib0110) 2005
Cova, Balzarotti, Felmetsger, Vigna (bib0090) 2007
Liu, Yuan, Wijesekera, Stavrou (bib0155) 2009
Hsu, Chang, Lin (bib0120) 2003
Sun, Beznosov (bib0255) 2008
Kemalis, Tzouramanis (bib0135) 2008
Wassermann, Yu, Chander, Dhurjati, Inamura, Su (bib0295) 2008
Scholte, Robertson, Balzarotti, Kirda (bib0235) 2012
Zhang, Lin, Chen, Hwang, Huang, Hsu (bib0305) 2011
Alserhani, Akhlaq, Awan, Cullen (bib0010) 2011
Bertino, Kamra, Early (bib0020) 2007
Bisht, Madhusudan, Venkatakrishnan (bib0030) 2010; 13
Low, Lee, Teoh (bib0165) 2002
Maciejak, Lovet (bib0175) 2009
Scholte, Balzarotti, Kirda (bib0230) 2012; 31
Carettoni, Paola (bib0070) 2009
Blanco, Lioma (bib0040) 2012; 15
McClure, Kruger (bib0190) 2005
Pinzón, De Paz, Herrero, Corchado, Bajo, Corchado (bib0210) 2013; 231
Ruse (10.1016/j.cose.2016.04.005_bib0220) 2010
Borgatti (10.1016/j.cose.2016.04.005_bib0050) 2005; 27
McClure (10.1016/j.cose.2016.04.005_bib0190) 2005
Wei (10.1016/j.cose.2016.04.005_bib0300) 2006
Hsu (10.1016/j.cose.2016.04.005_bib0120)
Choi (10.1016/j.cose.2016.04.005_bib0080) 2011
Zhang (10.1016/j.cose.2016.04.005_bib0305) 2011
Schölkopf (10.1016/j.cose.2016.04.005_bib0240) 2001
Wassermann (10.1016/j.cose.2016.04.005_bib0295) 2008
Vishwanathan (10.1016/j.cose.2016.04.005_bib0280) 2010; 11
Kemalis (10.1016/j.cose.2016.04.005_bib0135) 2008
Dahse (10.1016/j.cose.2016.04.005_bib0095)
Jovanovic (10.1016/j.cose.2016.04.005_bib0125) 2006
TrustWave (10.1016/j.cose.2016.04.005_bib0270)
Low (10.1016/j.cose.2016.04.005_bib0165) 2002
Palshikar (10.1016/j.cose.2016.04.005_bib0205) 2007
Quartini (10.1016/j.cose.2016.04.005_bib0215)
Scholte (10.1016/j.cose.2016.04.005_bib0230) 2012; 31
Wang (10.1016/j.cose.2016.04.005_bib0285) 2005
Freeman (10.1016/j.cose.2016.04.005_bib0100) 1979; 1
Kozik (10.1016/j.cose.2016.04.005_bib0145) 2014
Shin (10.1016/j.cose.2016.04.005_bib0250) 2006
Mihalcea (10.1016/j.cose.2016.04.005_bib0195) 2011
Halfond (10.1016/j.cose.2016.04.005_bib0110) 2005
Alserhani (10.1016/j.cose.2016.04.005_bib0010) 2011
Bisht (10.1016/j.cose.2016.04.005_bib0025) 2010
Gauci (10.1016/j.cose.2016.04.005_bib0105)
Bockermann (10.1016/j.cose.2016.04.005_bib0045) 2009
Wang (10.1016/j.cose.2016.04.005_bib0290) 2012
Bisht (10.1016/j.cose.2016.04.005_bib0030) 2010; 13
Blanco (10.1016/j.cose.2016.04.005_bib0040) 2012; 15
Pinzón (10.1016/j.cose.2016.04.005_bib0210) 2013; 231
Cortes (10.1016/j.cose.2016.04.005_bib0085) 1995; 20
Kim (10.1016/j.cose.2016.04.005_bib0140) 2014; 41
Le (10.1016/j.cose.2016.04.005_bib0150) 2012; 9
Schmitt (10.1016/j.cose.2016.04.005_bib0225) 2012
Chang (10.1016/j.cose.2016.04.005_bib0075) 2011; 2
Thomas (10.1016/j.cose.2016.04.005_bib0260) 2009; 51
Wang (10.1016/j.cose.2016.04.005_bib9000) 2012; 6
Kar (10.1016/j.cose.2016.04.005_bib0130) 2015
Makiou (10.1016/j.cose.2016.04.005_bib0180) 2014
Bertino (10.1016/j.cose.2016.04.005_bib0020) 2007
Borgatti (10.1016/j.cose.2016.04.005_bib0055) 2006; 28
Buehrer (10.1016/j.cose.2016.04.005_bib0065) 2005
Carettoni (10.1016/j.cose.2016.04.005_bib0070)
Scholte (10.1016/j.cose.2016.04.005_bib0235) 2012
Shahriar (10.1016/j.cose.2016.04.005_bib0245) 2013
Moosa (10.1016/j.cose.2016.04.005_bib0200) 2010; 64
Maor (10.1016/j.cose.2016.04.005_bib0185)
Liu (10.1016/j.cose.2016.04.005_bib0155) 2009
Sun (10.1016/j.cose.2016.04.005_bib0255) 2008
Maciejak (10.1016/j.cose.2016.04.005_bib0175) 2009
TrustWave (10.1016/j.cose.2016.04.005_bib0265)
Bisht (10.1016/j.cose.2016.04.005_bib0035) 2010
Benedikt (10.1016/j.cose.2016.04.005_bib0015) 2002
Boyd (10.1016/j.cose.2016.04.005_bib0060) 2004
Vigna (10.1016/j.cose.2016.04.005_bib0275) 2009; 17
Long (10.1016/j.cose.2016.04.005_bib0160) 2011; vol. 2
Halfond (10.1016/j.cose.2016.04.005_bib0115) 2006
Cova (10.1016/j.cose.2016.04.005_bib0090) 2007
Lupták (10.1016/j.cose.2016.04.005_bib0170) 2011
References_xml – volume: 51
  start-page: 589
  year: 2009
  end-page: 598
  ident: bib0260
  article-title: On automated prepared statement generation to remove SQL injection vulnerabilities
  publication-title: Inf Softw Technol
– start-page: 257
  year: 2006
  end-page: 263
  ident: bib0125
  article-title: Pixy: a static analysis tool for detecting web application vulnerabilities
– start-page: 264
  year: 2012
  end-page: 274
  ident: bib0290
  article-title: SQL injection detection via program tracing and machine learning
  publication-title: Internet and distributed computing systems
– volume: 9
  start-page: 512
  year: 2012
  end-page: 525
  ident: bib0150
  article-title: Doubleguard: detecting intrusions in multitier web applications
  publication-title: IEEE Trans Dependable Secure Comput
– volume: vol. 2
  year: 2011
  ident: bib0160
  publication-title: Google hacking for penetration testers
– volume: 28
  start-page: 466
  year: 2006
  end-page: 484
  ident: bib0055
  article-title: A graph-theoretic perspective on centrality
  publication-title: Soc Networks
– volume: 31
  start-page: 344
  year: 2012
  end-page: 356
  ident: bib0230
  article-title: Have things changed now? An empirical study on input validation vulnerabilities in web applications
  publication-title: Comput Secur
– start-page: 106
  year: 2005
  end-page: 113
  ident: bib0065
  article-title: Using parse tree validation to prevent SQL injection attacks
  publication-title: Proceedings of the 5th international workshop on software engineering and middleware
– year: 2009
  ident: bib0070
  article-title: HTTP parameter pollution
– volume: 1
  start-page: 215
  year: 1979
  end-page: 239
  ident: bib0100
  article-title: Centrality in social networks conceptual clarification
  publication-title: Soc Networks
– volume: 27
  start-page: 55
  year: 2005
  end-page: 71
  ident: bib0050
  article-title: Centrality and network flow
  publication-title: Soc Networks
– start-page: 503
  year: 2007
  end-page: 510
  ident: bib0205
  article-title: Keyword extraction from a single document using centrality measures
  publication-title: Pattern recognition and machine intelligence
– volume: 41
  start-page: 5416
  year: 2014
  end-page: 5430
  ident: bib0140
  article-title: Data-mining based SQL injection attack detection using internal query trees
  publication-title: Expert Syst Appl
– start-page: 175
  year: 2011
  end-page: 182
  ident: bib0010
  article-title: Event-based Alert Correlation System to Detect SQLI Activities
– start-page: 79
  year: 2011
  end-page: 88
  ident: bib0170
  article-title: Bypassing web application firewalls
– year: 2011
  ident: bib0195
  article-title: Graph-based natural language processing and information retrieval
– volume: 20
  start-page: 273
  year: 1995
  end-page: 297
  ident: bib0085
  article-title: Support-vector networks
  publication-title: Mach Learn
– start-page: 272
  year: 2010
  end-page: 288
  ident: bib0035
  article-title: Automatically preparing safe SQL queries
  publication-title: Financial cryptography and data security
– start-page: 391
  year: 2014
  end-page: 398
  ident: bib0145
  article-title: Machine learning techniques for cyber attacks detection
  publication-title: Image processing and communications challenges 5
– year: 2015
  ident: bib0270
  article-title: Trustwave 2015 global security report
– start-page: 248
  year: 2011
  end-page: 251
  ident: bib0305
  article-title: TransSQL: a translation and validation-based solution for SQL-injection attacks
– year: 2013
  ident: bib0265
  article-title: Executive summary: trustwave 2013 global security report
– volume: 11
  start-page: 1201
  year: 2010
  end-page: 1242
  ident: bib0280
  article-title: Graph kernels
  publication-title: J Mach Learn Res
– year: 2014
  ident: bib0105
  article-title: WAFW00F identifies and fingerprints Web Application Firewall (WAF) products
– start-page: 35
  year: 2014
  end-page: 40
  ident: bib0180
  article-title: Improving web application firewalls to detect advanced sql injection attacks
– year: 2002
  ident: bib0015
  article-title: VeriWeb: Automatically Testing Dynamic Web Sites
– start-page: 233
  year: 2012
  end-page: 243
  ident: bib0235
  article-title: Preventing input validation vulnerabilities in web applications through automated type analysis
– start-page: 19
  year: 2005
  end-page: 30
  ident: bib0285
  article-title: Term graph model for text classification
  publication-title: Advanced data mining and applications
– start-page: 449
  year: 2007
  end-page: 458
  ident: bib0020
  article-title: Profiling Database Application to Detect SQL Injection Attacks
– volume: 15
  start-page: 54
  year: 2012
  end-page: 92
  ident: bib0040
  article-title: Graph-based term weighting for information retrieval
  publication-title: Inf Retrieval
– start-page: 377
  year: 2015
  end-page: 390
  ident: bib0130
  article-title: SQLiDDS: SQL injection detection using query transformation and document similarity
  publication-title: Distributed computing and internet technology
– start-page: 191
  year: 2006
  end-page: 198
  ident: bib0300
  article-title: Preventing SQL injection attacks in stored procedures
– start-page: 618
  year: 2011
  end-page: 621
  ident: bib0080
  article-title: Efficient Malicious Code Detection Using N-Gram Analysis and SVM
– year: 2010
  ident: bib0095
  article-title: Exploiting hard filtered SQL injections
– start-page: 63
  year: 2007
  end-page: 86
  ident: bib0090
  article-title: Swaddler: an approach for the anomaly-based detection of state violations in web applications
  publication-title: Recent advances in intrusion detection
– volume: 231
  start-page: 15
  year: 2013
  end-page: 31
  ident: bib0210
  article-title: idMAS-SQL: intrusion detection based on mas to detect and block sql injection through data mining
  publication-title: Inf Sci (Ny)
– volume: 13
  start-page: 14
  year: 2010
  ident: bib0030
  article-title: CANDID: dynamic candidate evaluations for automatic prevention of SQL injection attacks
  publication-title: ACM Trans Inf Syst Secur (TISSEC)
– start-page: 31
  year: 2010
  end-page: 37
  ident: bib0220
  article-title: Analysis & detection of SQL injection vulnerabilities via automatic test case generation of programs
– start-page: 2153
  year: 2008
  end-page: 2158
  ident: bib0135
  article-title: SQL-IDS: a specification-based approach for SQL-injection detection
  publication-title: Proceedings of the 2008 ACM symposium on applied computing
– volume: 2
  start-page: 27
  year: 2011
  ident: bib0075
  article-title: Libsvm: a library for support vector machines
  publication-title: ACM Trans Intell Syst Technol (TIST)
– start-page: 265
  year: 2002
  end-page: 267
  ident: bib0165
  article-title: DIDAFIT: Detecting intrusions in databases through fingerprinting transactions
– year: 2003
  ident: bib0120
  article-title: A practical guide to support vector classification
– start-page: 12
  year: 2006
  end-page: 23
  ident: bib0115
  article-title: A classification of SQL-injection attacks and countermeasures
– year: 2004
  ident: bib0185
  article-title: SQL injection signatures evasion (white paper)
– volume: 17
  start-page: 305
  year: 2009
  end-page: 329
  ident: bib0275
  article-title: Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries
  publication-title: J Comput Secur
– start-page: 34
  year: 2012
  end-page: 40
  ident: bib0225
  article-title: WAFFle: fingerprinting filter rules of web application firewalls
– start-page: 292
  year: 2004
  end-page: 302
  ident: bib0060
  article-title: SQLrand: preventing SQL injection attacks
  publication-title: Applied cryptography and network security
– year: 2011
  ident: bib0215
  article-title: Blind SQL injection with regular expressions attack
– volume: 6
  start-page: 191
  year: 2012
  end-page: 196
  ident: bib9000
  article-title: SQL injection detection with composite kernel in support vector machine
  publication-title: Int. J. Sec. Appl
– start-page: 512
  year: 2013
  end-page: 517
  ident: bib0245
  article-title: Client-side detection of sql injection attack
  publication-title: Advanced information systems engineering workshops
– year: 2006
  ident: bib0250
  article-title: SQLUnitgen: Test case generation for SQL injection detection
– start-page: 2054
  year: 2009
  end-page: 2061
  ident: bib0155
  article-title: SQLProb: a proxy-based architecture towards preventing SQL injection attacks
  publication-title: Proceedings of the 2009 ACM symposium on applied computing
– volume: 64
  start-page: 12
  year: 2010
  end-page: 21
  ident: bib0200
  article-title: Artificial neural network based web application firewall for sql injection
  publication-title: World Acad Sci Eng Technol
– year: 2001
  ident: bib0240
  article-title: Learning with kernels: support vector machines, regularization, optimization, and beyond
– start-page: 174
  year: 2005
  end-page: 183
  ident: bib0110
  article-title: AMNESIA: Analysis and Monitoring for NEutralizing SQL-Injection Attacks
– start-page: 88
  year: 2005
  end-page: 96
  ident: bib0190
  article-title: SQL DOM: compile time checking of dynamic SQL statements
– start-page: 607
  year: 2010
  end-page: 618
  ident: bib0025
  article-title: NoTamper: Automatic Blackbox Detection of Parameter Tampering Opportunities in Web Applications
– start-page: 286
  year: 2009
  end-page: 288
  ident: bib0175
  article-title: Botnet-powered Sql injection attacks: a deeper look within
– start-page: 249
  year: 2008
  end-page: 260
  ident: bib0295
  article-title: Dynamic test input generation for web applications
  publication-title: Proceedings of the 2008 international symposium on software testing and analysis
– start-page: 196
  year: 2009
  end-page: 205
  ident: bib0045
  article-title: Learning SQL for database intrusion detection using context-sensitive modelling
  publication-title: Detection of intrusions and malware, and vulnerability assessment
– year: 2008
  ident: bib0255
  article-title: SQLPrevent: effective dynamic detection and prevention of SQL injection attacks without access to the application source code
– start-page: 272
  year: 2010
  ident: 10.1016/j.cose.2016.04.005_bib0035
  article-title: Automatically preparing safe SQL queries
– start-page: 12
  year: 2006
  ident: 10.1016/j.cose.2016.04.005_bib0115
– start-page: 257
  year: 2006
  ident: 10.1016/j.cose.2016.04.005_bib0125
– ident: 10.1016/j.cose.2016.04.005_bib0265
– start-page: 249
  year: 2008
  ident: 10.1016/j.cose.2016.04.005_bib0295
  article-title: Dynamic test input generation for web applications
– start-page: 2153
  year: 2008
  ident: 10.1016/j.cose.2016.04.005_bib0135
  article-title: SQL-IDS: a specification-based approach for SQL-injection detection
– volume: 15
  start-page: 54
  issue: 1
  year: 2012
  ident: 10.1016/j.cose.2016.04.005_bib0040
  article-title: Graph-based term weighting for information retrieval
  publication-title: Inf Retrieval
  doi: 10.1007/s10791-011-9172-x
– start-page: 618
  year: 2011
  ident: 10.1016/j.cose.2016.04.005_bib0080
– volume: 2
  start-page: 27
  issue: 3
  year: 2011
  ident: 10.1016/j.cose.2016.04.005_bib0075
  article-title: Libsvm: a library for support vector machines
  publication-title: ACM Trans Intell Syst Technol (TIST)
– start-page: 292
  year: 2004
  ident: 10.1016/j.cose.2016.04.005_bib0060
  article-title: SQLrand: preventing SQL injection attacks
– start-page: 233
  year: 2012
  ident: 10.1016/j.cose.2016.04.005_bib0235
– volume: 20
  start-page: 273
  issue: 3
  year: 1995
  ident: 10.1016/j.cose.2016.04.005_bib0085
  article-title: Support-vector networks
  publication-title: Mach Learn
  doi: 10.1007/BF00994018
– ident: 10.1016/j.cose.2016.04.005_bib0120
– start-page: 34
  year: 2012
  ident: 10.1016/j.cose.2016.04.005_bib0225
– start-page: 35
  year: 2014
  ident: 10.1016/j.cose.2016.04.005_bib0180
– start-page: 63
  year: 2007
  ident: 10.1016/j.cose.2016.04.005_bib0090
  article-title: Swaddler: an approach for the anomaly-based detection of state violations in web applications
– start-page: 79
  year: 2011
  ident: 10.1016/j.cose.2016.04.005_bib0170
– start-page: 377
  year: 2015
  ident: 10.1016/j.cose.2016.04.005_bib0130
  article-title: SQLiDDS: SQL injection detection using query transformation and document similarity
– start-page: 391
  year: 2014
  ident: 10.1016/j.cose.2016.04.005_bib0145
  article-title: Machine learning techniques for cyber attacks detection
– volume: 17
  start-page: 305
  issue: 3
  year: 2009
  ident: 10.1016/j.cose.2016.04.005_bib0275
  article-title: Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries
  publication-title: J Comput Secur
  doi: 10.3233/JCS-2009-0321
– start-page: 265
  year: 2002
  ident: 10.1016/j.cose.2016.04.005_bib0165
– volume: vol. 2
  year: 2011
  ident: 10.1016/j.cose.2016.04.005_bib0160
– start-page: 607
  year: 2010
  ident: 10.1016/j.cose.2016.04.005_bib0025
– ident: 10.1016/j.cose.2016.04.005_bib0185
– start-page: 191
  year: 2006
  ident: 10.1016/j.cose.2016.04.005_bib0300
– volume: 41
  start-page: 5416
  issue: 11
  year: 2014
  ident: 10.1016/j.cose.2016.04.005_bib0140
  article-title: Data-mining based SQL injection attack detection using internal query trees
  publication-title: Expert Syst Appl
  doi: 10.1016/j.eswa.2014.02.041
– start-page: 512
  year: 2013
  ident: 10.1016/j.cose.2016.04.005_bib0245
  article-title: Client-side detection of sql injection attack
– volume: 231
  start-page: 15
  year: 2013
  ident: 10.1016/j.cose.2016.04.005_bib0210
  article-title: idMAS-SQL: intrusion detection based on mas to detect and block sql injection through data mining
  publication-title: Inf Sci (Ny)
  doi: 10.1016/j.ins.2011.06.020
– volume: 6
  start-page: 191
  issue: 2
  year: 2012
  ident: 10.1016/j.cose.2016.04.005_bib9000
  article-title: SQL injection detection with composite kernel in support vector machine
  publication-title: Int. J. Sec. Appl
– ident: 10.1016/j.cose.2016.04.005_bib0105
– year: 2001
  ident: 10.1016/j.cose.2016.04.005_bib0240
– volume: 27
  start-page: 55
  issue: 1
  year: 2005
  ident: 10.1016/j.cose.2016.04.005_bib0050
  article-title: Centrality and network flow
  publication-title: Soc Networks
  doi: 10.1016/j.socnet.2004.11.008
– year: 2006
  ident: 10.1016/j.cose.2016.04.005_bib0250
– ident: 10.1016/j.cose.2016.04.005_bib0070
– volume: 13
  start-page: 14
  issue: 2
  year: 2010
  ident: 10.1016/j.cose.2016.04.005_bib0030
  article-title: CANDID: dynamic candidate evaluations for automatic prevention of SQL injection attacks
  publication-title: ACM Trans Inf Syst Secur (TISSEC)
  doi: 10.1145/1698750.1698754
– volume: 64
  start-page: 12
  year: 2010
  ident: 10.1016/j.cose.2016.04.005_bib0200
  article-title: Artificial neural network based web application firewall for sql injection
  publication-title: World Acad Sci Eng Technol
– volume: 28
  start-page: 466
  issue: 4
  year: 2006
  ident: 10.1016/j.cose.2016.04.005_bib0055
  article-title: A graph-theoretic perspective on centrality
  publication-title: Soc Networks
  doi: 10.1016/j.socnet.2005.11.005
– volume: 51
  start-page: 589
  issue: 3
  year: 2009
SourceID proquest
crossref
elsevier
SourceType Aggregation Database
Enrichment Source
Index Database
Publisher
StartPage 206
SubjectTerms Applications programs
Codes
Cybersecurity
Database firewall
Graph of tokens
Graphs
Heterogeneity
Mathematical analysis
Node centrality
Queries
Query languages
Query token graph
Software
SQL injection attack
SQL injection detection
Structured Query Language-SQL
Studies
Support vector machine
Support vector machines
Title SQLiGoT: Detecting SQL injection attacks using graph of tokens and SVM
URI https://dx.doi.org/10.1016/j.cose.2016.04.005
https://www.proquest.com/docview/1793929999
https://www.proquest.com/docview/1825499708
Volume 60