%0 Journal Article %1 IJACSA.2012.030321 %A Shaimaa Ezzat Salama Mohamed I. Marie, Laila M El-Fangary Yehia K Helmy %D 2012 %J International Journal of Advanced Computer Science and Applications(IJACSA) %K SQL anomaly association detection. detection; injection; intrusion rule; %N 3 %T Web Anomaly Misuse Intrusion Detection Framework for SQL Injection Detection %U http://ijacsa.thesai.org/ %V 3 %X Databases at the background of e-commerce applications are vulnerable to SQL injection attack which is considered as one of the most dangerous web attacks. In this paper we propose a framework based on misuse and anomaly detection techniques to detect SQL injection attack. The main idea of this framework is to create a profile for legitimate database behavior extracted from applying association rules on XML file containing queries submitted from application to the database. As a second step in the detection process, the structure of the query under observation will be compared against the legitimate queries stored in the XML file thus minimizing false positive alarms.

@article{IJACSA.2012.030321, abstract = {Databases at the background of e-commerce applications are vulnerable to SQL injection attack which is considered as one of the most dangerous web attacks. In this paper we propose a framework based on misuse and anomaly detection techniques to detect SQL injection attack. The main idea of this framework is to create a profile for legitimate database behavior extracted from applying association rules on XML file containing queries submitted from application to the database. As a second step in the detection process, the structure of the query under observation will be compared against the legitimate queries stored in the XML file thus minimizing false positive alarms. }, added-at = {2014-02-21T08:00:08.000+0100}, author = {{Shaimaa Ezzat Salama Mohamed I. Marie}, Laila M El-Fangary Yehia K Helmy}, biburl = {https://www.bibsonomy.org/bibtex/2e0e877c6c05f09013534c2beaa0c9f8a/thesaiorg}, interhash = {ebc3d3ca686ed008f05543dc2c768c02}, intrahash = {e0e877c6c05f09013534c2beaa0c9f8a}, journal = {International Journal of Advanced Computer Science and Applications(IJACSA)}, keywords = {SQL anomaly association detection. detection; injection; intrusion rule;}, number = 3, timestamp = {2014-02-21T08:00:08.000+0100}, title = {{Web Anomaly Misuse Intrusion Detection Framework for SQL Injection Detection}}, url = {http://ijacsa.thesai.org/}, volume = 3, year = 2012 }