Journal
Publisher
IEEE COMPUTER SOC
DOI: 10.1109/BigDataSecurity-HPSC-IDS49724.2020.00035
Keywords
SQL injection; Cloud SaaS; Cloud Security; Machine Learning; Deep Learning; Tensorflow
Ask authors/readers for more resources
Software as a Service (SaaS) has been adopted in a fast pace for applications and services to run on software cloud platform. However, the success of SaaS in cloud computing cannot obscure the security challenges faced by the web applications deployed on cloud SaaS. Like other web-based systems, cloud applications are prone to most of the common web attacks. The SQL injection attack is one of the most potential threat to a SaaS application. This may result in loss of sensitive and important data (e.g., financial, personal). Through this kind of attacks, the attacker can steal critical and confidential information to a business or an organization leading to high impact on tangible (e.g., data) and intangible (e.g., reputation) assets. The purpose of this research is to investigate the potential of using machine learning techniques for SQL injection detection on the application level. The algorithms to be tested are classifiers trained on different malicious and benign payloads. They take a payload as input and decide whether the input contains a malicious code or not. The results show that these algorithms can distinguish normal payloads from malicious payloads with a detection rate higher than 98%. The paper also compares the performance of different machine learning models in detecting SQL injection attacks.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available