首页    期刊浏览 2024年11月23日 星期六
登录注册

文章基本信息

  • 标题:Detection of SQL Injection Using a Genetic Fuzzy Classifier System
  • 本地全文:下载
  • 作者:Christine Basta ; Ahmed elfatatry ; Saad Darwish
  • 期刊名称:International Journal of Advanced Computer Science and Applications(IJACSA)
  • 印刷版ISSN:2158-107X
  • 电子版ISSN:2156-5570
  • 出版年度:2016
  • 卷号:7
  • 期号:6
  • DOI:10.14569/IJACSA.2016.070616
  • 出版社:Science and Information Society (SAI)
  • 摘要:SQL Injection (SQLI) is one of the most popular vulnerabilities of web applications. The consequences of SQL injection attack include the possibility of stealing sensitive information or bypassing authentication procedures. SQL injection attacks have different forms and variations. One difficulty in detecting malicious attacks is that such attacks do not have a specific pattern. A new fuzzy rule-based classification system (FBRCS) can tackle the requirements of the current stage of security measures. This paper proposes a genetic fuzzy system for detection of SQLI where not only the accuracy is a priority, but also the learning and the flexibility of the obtained rules. To create the rules having high generalization capabilities, our algorithm builds on initial rules, data-dependent parameters, and an enhancing function that modifies the rule evaluation measures. The enhancing function helps to assess the candidate rules more effectively based on decision subspace. The proposed system has been evaluated using a number of well-known data sets. Results show a significant enhancement in the detection procedure
  • 关键词:thesai; IJACSA; thesai.org; journal; IJACSA papers; SQL injection; web security; genetic fuzzy system; fuzzy rule learning
国家哲学社会科学文献中心版权所有