Fixed Attribute Value Removal Method and Anomaly Based Profiled Method, An SQLi Detection Effectiveness Study

• Published in: 2021 International Conference on Data Science and Its Applications, ICoDSA 2021
• Main Author: Kamaruzman S.A.; Isnin I.F.; Din M.M.
• Format: Conference paper
• Language: English
• Published: Institute of Electrical and Electronics Engineers Inc. 2021
• Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85123414856&doi=10.1109%2fICoDSA53588.2021.9617523&partnerID=40&md5=664395f5386538ed50e17a9484dd6bb5

In this work, performance of two existing SQL injection detection methods is compared and analysed together. The first existing method uses removal of SQL query attribute values method, and the other one uses database profiling technique in detecting malicious SQL query in SQL injection attacks. Both detection method algorithms are implemented and tested using SQL query log generated from DVWA and Mutillidae web applications. Analysis and evaluation from results of the experiment showed that detection method based on the considered database profiling method is found to be much flexible and more effective. Nevertheless, it was found that the former method still has some room of improvement that could be done. Therefore, improvement on the former method is proposed that increase the effectiveness of the method to distinguish non-malicious query and the malicious query during the SQL injection detection process. © 2021 IEEE.