Anomaly-based detection of SQL injection attacks

Anomaly-based detection of SQL injection attacks

A method for detecting a SQL injection attack comprises a training phase and a detection phase. In the training phase, a plurality of SQL queries is transformed into a respective plurality of SQL token domain queries which are processed using a n-gram analysis to provide a threshold and an averaging...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: SHMUELI AVIRAM, AVERBUCH AMIR, DAVID GIL
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator SHMUELI AVIRAM
AVERBUCH AMIR
DAVID GIL
description A method for detecting a SQL injection attack comprises a training phase and a detection phase. In the training phase, a plurality of SQL queries is transformed into a respective plurality of SQL token domain queries which are processed using a n-gram analysis to provide a threshold and an averaging vector. In the detection phase, each newly arrived SQL query is transformed into a new SQL token domain query, and the n-gram analysis is applied together with the averaging vector and the threshold to each new SQL token domain query to determine if the new SQL query is normal or abnormal. The detection may be online or offline.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US8225402B1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US8225402B1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US8225402B13</originalsourceid><addsrcrecordid>eNrjZDBwzMvPTcyp1E1KLE5NUUhJLUlNLsnMz1PIT1MIDvRRyMzLggoklpQkJmcX8zCwpiXmFKfyQmluBgU31xBnD93Ugvz41OKCxOTUvNSS-NBgCyMjUxMDIydDYyKUAADlhCqk</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Anomaly-based detection of SQL injection attacks</title><source>esp@cenet</source><creator>SHMUELI AVIRAM ; AVERBUCH AMIR ; DAVID GIL</creator><creatorcontrib>SHMUELI AVIRAM ; AVERBUCH AMIR ; DAVID GIL</creatorcontrib><description>A method for detecting a SQL injection attack comprises a training phase and a detection phase. In the training phase, a plurality of SQL queries is transformed into a respective plurality of SQL token domain queries which are processed using a n-gram analysis to provide a threshold and an averaging vector. In the detection phase, each newly arrived SQL query is transformed into a new SQL token domain query, and the n-gram analysis is applied together with the averaging vector and the threshold to each new SQL token domain query to determine if the new SQL query is normal or abnormal. The detection may be online or offline.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2012</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20120717&amp;DB=EPODOC&amp;CC=US&amp;NR=8225402B1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20120717&amp;DB=EPODOC&amp;CC=US&amp;NR=8225402B1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>SHMUELI AVIRAM</creatorcontrib><creatorcontrib>AVERBUCH AMIR</creatorcontrib><creatorcontrib>DAVID GIL</creatorcontrib><title>Anomaly-based detection of SQL injection attacks</title><description>A method for detecting a SQL injection attack comprises a training phase and a detection phase. In the training phase, a plurality of SQL queries is transformed into a respective plurality of SQL token domain queries which are processed using a n-gram analysis to provide a threshold and an averaging vector. In the detection phase, each newly arrived SQL query is transformed into a new SQL token domain query, and the n-gram analysis is applied together with the averaging vector and the threshold to each new SQL token domain query to determine if the new SQL query is normal or abnormal. The detection may be online or offline.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2012</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZDBwzMvPTcyp1E1KLE5NUUhJLUlNLsnMz1PIT1MIDvRRyMzLggoklpQkJmcX8zCwpiXmFKfyQmluBgU31xBnD93Ugvz41OKCxOTUvNSS-NBgCyMjUxMDIydDYyKUAADlhCqk</recordid><startdate>20120717</startdate><enddate>20120717</enddate><creator>SHMUELI AVIRAM</creator><creator>AVERBUCH AMIR</creator><creator>DAVID GIL</creator><scope>EVB</scope></search><sort><creationdate>20120717</creationdate><title>Anomaly-based detection of SQL injection attacks</title><author>SHMUELI AVIRAM ; AVERBUCH AMIR ; DAVID GIL</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US8225402B13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2012</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>SHMUELI AVIRAM</creatorcontrib><creatorcontrib>AVERBUCH AMIR</creatorcontrib><creatorcontrib>DAVID GIL</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>SHMUELI AVIRAM</au><au>AVERBUCH AMIR</au><au>DAVID GIL</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Anomaly-based detection of SQL injection attacks</title><date>2012-07-17</date><risdate>2012</risdate><abstract>A method for detecting a SQL injection attack comprises a training phase and a detection phase. In the training phase, a plurality of SQL queries is transformed into a respective plurality of SQL token domain queries which are processed using a n-gram analysis to provide a threshold and an averaging vector. In the detection phase, each newly arrived SQL query is transformed into a new SQL token domain query, and the n-gram analysis is applied together with the averaging vector and the threshold to each new SQL token domain query to determine if the new SQL query is normal or abnormal. The detection may be online or offline.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US8225402B1
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title Anomaly-based detection of SQL injection attacks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-06T18%3A12%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=SHMUELI%20AVIRAM&rft.date=2012-07-17&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS8225402B1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true