A Countermeasure to SQL Injection Attack for Cloud Environment

被引：18

作者：

Wu, Tsu-Yang ^{[1
]}

Chen, Chien-Ming ^{[1
]}

Sun, Xiuyang ^{[1
]}

Liu, Shuai ^{[1
]}

Lin, Jerry Chun-Wei ^{[2
]}

机构：

[1] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, Shenzhen, Peoples R China

[2] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, IIIRC, Shenzhen, Peoples R China

来源：

WIRELESS PERSONAL COMMUNICATIONS | 2017年 / 96卷 / 04期

基金：

中国国家自然科学基金;

关键词：

Cloud computing; SQL injection attack; Network security; SECURITY;

D O I：

10.1007/s11277-016-3741-7

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Although cloud computing becomes a new computing model, a variety of security threats have been described. Among these threats, SQL injection attack (SQLIA) has received increasing attention recently. In the past, many researchers had proposed several methods to counter SQLIAs. However, these countermeasures of SQLIAs cannot be applied to cloud environments directly. In this paper, we propose a mechanism called CCSD (Cloud Computing SQLIA Detection) to detect SQLIAs. CCSD does not require any access to the application's source code. Hence, it can be directly applied to existing cloud environments. The experimental results demonstrate that CCSD has high accuracy, low false positive rates and low time consumption.

引用

页码：5279 / 5293

页数：15

共 50 条

[41] An Efficient system to stumble on and Mitigate DDoS attack in cloud Environment
Mohan, Manju K.
PROCEEDINGS OF THE 2018 SECOND INTERNATIONAL CONFERENCE ON INVENTIVE COMMUNICATION AND COMPUTATIONAL TECHNOLOGIES (ICICCT), 2018, : 1855 - 1857
[42] Defeating the Distributed Denial of Service Attack in Cloud Environment: A Survey
Divyasree, I. R.
Selvamani, K.
PROCEEDINGS OF 2017 IEEE INTERNATIONAL CONFERENCE ON CIRCUIT ,POWER AND COMPUTING TECHNOLOGIES (ICCPCT), 2017,
[43] SQL injection attack detection:Profiling of web application parameter using the sequence pairwise alignment
Park, Jae-Chul
Noh, Bong-Nam
INFORMATION SECURITY APPLICATIONS, 2006, 4298 : 74 - +
[44] Research on the Technology of Detecting the SQL Injection Attack and Non-Intrusive Prevention in WEB System
Hu, Haibin
MATERIALS SCIENCE, ENERGY TECHNOLOGY, AND POWER ENGINEERING I, 2017, 1839
[45] An Efficient Technique for Detection and Prevention of SQL Injection Attack using ASCII Based String Matching
Balasundaram, Indrani
Ramaraj, E.
INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY AND SYSTEM DESIGN 2011, 2012, 30 : 183 - 190
[46] Data-mining based SQL injection attack detection using internal query trees
Kim, Mi-Yeon
Lee, Dong Hoon
EXPERT SYSTEMS WITH APPLICATIONS, 2014, 41 (11) : 5416 - 5430
[47] Prevention of Runtime Malware Injection Attack in Cloud Using Unsupervised Learning
Prabhavathy, M.
UmaMaheswari, S.
INTELLIGENT AUTOMATION AND SOFT COMPUTING, 2022, 32 (01) : 101 - 114
[48] Machine learning with digital forensics for attack classification in cloud network environment
Shaweta Sachdeva
Aleem Ali
International Journal of System Assurance Engineering and Management, 2022, 13 : 156 - 165
[49] An anomaly-based approach for DDoS attack detection in cloud environment
Rawashdeh, Adnan
Alkasassbeh, Mouhammd
Al-Hawawreh, Muna
INTERNATIONAL JOURNAL OF COMPUTER APPLICATIONS IN TECHNOLOGY, 2018, 57 (04) : 312 - 324
[50] Stealth Jamming Attack in WSNs: Effects and Countermeasure
Ahmed, Adnan
Ashraf, Usman
Tunio, Fatima
Abu Bakar, Kamalrulnizam
AL-Zahrani, Mohammed Saeed
IEEE SENSORS JOURNAL, 2018, 18 (17) : 7106 - 7113

← 1 2 3 4 5 →