원문정보
초록
영어
Modern web application systems are generally consisted of database systems in order to process and store business information. These systems are highly interesting to hackers as they contain sensitive information and the diversity and amount of attacks severely undermine the effectiveness of classical signature-based detection. In this work we propose a novel approach for learning SQL statements and apply machine learning techniques, such as one class classification, in order to detect malicious behavior between the database and application. The approach incorporates the tree structure of SQL queries as well as input parameter and query value similarity as characteristic to distinguish malicious from benign queries. We develop the learning system integrated in PHP and demonstrate the usefulness of our approach on real-world application.
목차
1. Introduction
2. SVM Kernel Tricks and Tree-vector Kernel
2.1. SVM kernel Tricks
2.2. Tree-vector Kernel for Structured Data
3. Kernel Function for SQL Query
3.1. Tree Kernel Function
3.2. Vector Kernel Function
4. System Design and Evaluation
4.1. System Design
4.2. Evaluation
5. Conclusion
References