Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.
Digital Object Identifier (DOI) : 10.14569/IJACSA.2012.030321
Article Published in International Journal of Advanced Computer Science and Applications(IJACSA), Volume 3 Issue 3, 2012.
Abstract: Databases at the background of e-commerce applications are vulnerable to SQL injection attack which is considered as one of the most dangerous web attacks. In this paper we propose a framework based on misuse and anomaly detection techniques to detect SQL injection attack. The main idea of this framework is to create a profile for legitimate database behavior extracted from applying association rules on XML file containing queries submitted from application to the database. As a second step in the detection process, the structure of the query under observation will be compared against the legitimate queries stored in the XML file thus minimizing false positive alarms.
Shaimaa Ezzat Salama, Mohamed I. Marie, Laila M. El-Fangary and Yehia K. Helmy, “Web Anomaly Misuse Intrusion Detection Framework for SQL Injection Detection” International Journal of Advanced Computer Science and Applications(IJACSA), 3(3), 2012. http://dx.doi.org/10.14569/IJACSA.2012.030321