Open Access
Online Database Intrusion Detection System Based on Query Signatures
Author(s) - Alaa Khalil Alhadithy, Awezan Aso Omar
Publication year - 2017
Publication title - govarî zankoy geşepedanî miroyî
Language(s) - English
Resource type - Journals
eISSN - 2411-7765
pISSN - 2411-7757
DOI - 10.21928/juhd.v3n1y2017.pp282-287
Subject(s) - computer science, sql injection, database, intrusion detection system, web application, hash function, web server, computer security, host based intrusion detection system, commit, world wide web, the internet, query by example, intrusion prevention system, search engine, web search query
SQL injection (SQLI) is a major type of attack that threatens the integrity, confidentiality and authenticity or functionality of any database-driven web application. It allows the attacker to gain unauthorized access to the back-end database by exploiting vulnerabilities within the system in order to commit an attack and access resources. A Database Intrusion Detection System (DIDS) is a defense against SQLI that is used as a detection and prevention technique to protect any database-driven web application. This paper presents a proposed system to protect the web application from SQLI. The proposed system uses a new signature-based detection technique. It depends on the secure hash algorithm (SHA-1), which is used to check the signature of submitted queries and to decide whether these queries are valid or not. The proposed system can distinguish and prevent hacking attempts by detecting the attacker, blocking his/her request, and preventing him/her from accessing the web application again. The proposed system was tested using the Sqlmapproject attacking tool. Sqlmapproject was used to attack the web application (built using PHP and MySQL server) before and after protection. The results show that the proposed system works correctly and can protect the web application system with good performance and high efficiency.
