Subscribe Now Subscribe Today
Science Alert
 
FOLLOW US:     Facebook     Twitter
Blue
   
Curve Top
Journal of Artificial Intelligence
  Year: 2019 | Volume: 12 | Issue: 1 | Page No.: 11-17
DOI: 10.3923/jai.2019.11.17
A Two-Phase Pattern Matching-parse Tree Validation Approach for Efficient SQL Injection Attacks Detection
Randa Osman Morsi and Mona Farouk Ahmed

Abstract:
Background and Objective: Data is one of the most valuable assets as it is the core for any organization website. SQL Injection Attack (SQLIA) is the way by which hackers gain access to data. An approach was proposed in this paper to efficiently detect SQLIA. Methodology: One of the most powerful algorithms, Parsing Tree validation (PT), depends only on accurate detection but takes much time so combining it with a fast dynamic algorithm with the purpose of learning and storing the malicious input patterns to compare with the next coming inputs will be a great achievement. An algorithm was proposed that is based on the combination of two of the existing detection algorithms: pattern matching algorithm using Aho-Corasick (AC) and PT. Results: Experiments showed that the proposed approach guarantees high accuracy of 99.9%, reasonable time which was 53.6% of PT's time and less memory usage. Conclusion: SQLIA is one of the most severe threats to the database. In general, the approaches that provide the best guard for the database against SQLIA are those that make use of a mix of primitive approaches as this leads to strengthening their merits and improving their weaknesses.
PDF Fulltext XML References Citation Report Citation
How to cite this article:

Randa Osman Morsi and Mona Farouk Ahmed, 2019. A Two-Phase Pattern Matching-parse Tree Validation Approach for Efficient SQL Injection Attacks Detection. Journal of Artificial Intelligence, 12: 11-17.

DOI: 10.3923/jai.2019.11.17

URL: https://scialert.net/abstract/?doi=jai.2019.11.17

 
COMMENT ON THIS PAPER
 
 
 

 

 
 
 
 
 
 
 
 
 

 
 
 
 
 
 

       

       

Curve Bottom