Information Security Analysis and Audit CSE3501: Slot: G1+TG1

The document discusses techniques for preventing SQL injection attacks on web applications, including input validation, parameterized queries, encoding, and machine learning algorithms. It surveys existing approaches and proposes a new signature-based authentication system to detect and block SQL injection attacks.

Information Security Analysis and Audit

CSE3501
Slot: G1+TG1

SQL INJECTION PREVENTION SYSTEM


USING MACHINE LEARNING
ALGORITHMS

Submitted by:

Sukant Jha 19BIT0359
Thiriveedhi Dheeraj 19BIT0066
Potureddy Aditya Venkata Subhash 19BIT0101

Submitted to:
Professor Jeyanthi N
Abstract

Existing vulnerabilities of Web systems threaten the regular operation of information systems. The most
common Web system vulnerability is SQL injection. This article reviews the known approaches to protecting
Web applications against SQL injection attacks. To improve Web software security, a defense mechanism is
developed that protects Web resources from SQL injection. The software is implemented with PHP, JavaScript
and the construct from formal language theory known as the regular expression. The result is a software
tool that allows Web software to be protected from the SQL injection vulnerability; it lets users protect
their own Web applications from attacks that use SQL.

Keywords: SQL Injection, Web App Security, Detection Strategies, Scanning Method, Prevention of SQL
Injection Attacks, Input Validation, Parameterized Queries, Escaping, Stored Procedures, Mitigation using
Log-In Gateway System.

Introduction

SQL injection attacks are widely used by attackers to gain unauthorized access to systems. This software
system is developed to prevent unauthorized access to a system through SQL injection attacks. This is done
by adding a unique value and a signature-based authentication technique to verify authenticity. SQL
injection is a major security issue today: it allows an attacker to gain access to a web system or
application by exploiting certain vulnerabilities. The method works on various web application parameters,
such as the form data parameters in transit, with an efficient integration of amino acid codes aligned in
it. In other words, this software project puts forward a method to analyze and detect the malicious code
in order to find and prevent the attack. It uses an alternative algorithm for the signature-based scanning
method; this method is based on a different divide-and-conquer strategy that detects attacks based on
various time/space parameters. This system has proved successful in preventing various SQL injection
attacks based on its efficient attack detection strategies.
Proposed Work
• SQL Injection:

SQL injections are one of the most utilized web attack vectors, used with the goal of retrieving sensitive
data from organizations. When you hear about stolen credit cards or password lists, they often happen
through SQL injection vulnerabilities. Fortunately, there are ways to protect your website from SQL
injection attacks.

• Technique:

An SQL injection is a technique that attackers apply to insert an SQL query into input fields, to then be
processed by the underlying SQL database. These weaknesses can be abused when entry forms allow
user-generated SQL statements to query the database directly.

• Harmful Threats Related to SQL Injection:

1. Extraction of private data, such as credit cards, passports, hospital records, etc.
2. Enumeration of the authentication user details, allowing these logins to be used on other websites.
3. A corrupted database, execution of OS commands, deleted/inserted data and destroyed operations for the
   entire website.
4. Full system compromise.


Literature survey
Columns: Sr. No., Title (Year), Authors, Algorithm / Method used, About.
1. SQL Injection Attacks Prevention System Technology (July 2021)
   Authors: Fairoz Q Kareem, Siddeeq Yousif Ameen, Awder Ahmed Sulaimani, Azar Abid Salih
   Algorithm / Method used: Nikto, SQLMAP; SQL injection with SVM; SQL injection with neural network; SQLA, DIAVA, SQL injection
   About: (1) All content management systems were not susceptible to assaults via SQLi but provided alerts on other potential flaws. (2) New SQL assaults can be launched with assault patterns and payloads comparable to the current one. (3) Its advantage is that the accuracy of neural networks for detecting SQL injection is superior to the relevant machine learning algorithms. (4) DIAVA not only conducts SQLA detection at the level of advanced WAFs from the point of view of precision and recall but also allows the assessment of data leaked through SQL injection in real time.
2. A Classification of SQL Injection Attacks and Countermeasures
   Authors: William G.J. Halfond, Jeremy Viegas, and Alessandro Orso
   Algorithm / Method used: Black Box Testing; Static Code Checkers; AMNESIA (Combined Static and Dynamic Analysis); Taint Based Approaches; New Query Development Paradigms; Intrusion Detection Systems; Proxy Filters; Instruction Set Randomization
   About: Well suited and efficient for large code segments. Code access is not required.
3. SQL Injection Attacks: Techniques and Protection Mechanisms
   Authors: Nikita Patel, Fahim Mohammed, Santosh Soni
   Algorithm / Method used: Taking User Input from Predefined Choices; Bind Variables Mechanism; Parameterized Statements; Input Validation
   About: The attacker cannot insert custom queries or any type of harmful script which can disturb the integrity of the database. Helps in improving web application performance. Every passed string parameter ought to be validated. Many web applications use hidden fields and other techniques, which also must be validated. If a bind variable is not being used, special database characters must be removed or escaped.
4. PROTECTION OF WEB APPLICATION AGAINST SQL INJECTION ATTACK
   Authors: Manisha A. Bhagat, Prof. Vanita Mane
   Algorithm / Method used: JDBC-Checker; ADMIRE; SQL-PROB; WAVES; SQLRand; SQL DOM; VIPER; CANDID
   About: Explain….
5. SQL Injection Attack Detection and Prevention Techniques Using Machine Learning
   Authors: Ines Jemal, Omar Cheikhrouhou, Habib Hamam, Adel Mahfoudhi
   Algorithm / Method used: Query-model based; Obfuscation based; Monitoring and Auditing based; Entropy based; Ontology based
   About: The process begins by analysing the source code used in the web application that is vulnerable in execution, then optimizing these vulnerable queries. The optimization engine generates a set of valid executions in accordance with the heuristic rules. Finally, the hotspot (vulnerable part of the code) is replaced in the web application code with its optimized query. The authors in [23] proposed an automated testing approach, namely µ4SQLi. µ4SQLi can produce effective inputs that lead to executable and malicious SQL queries. The idea is to produce inputs that bypass web application firewalls. The goal of this tool is to detect potential SQL vulnerabilities in a given web application.
6. A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm (2020)
   Authors: Oluwakemi Christiana Abikoye, Abdullahi Abubakar, Ahmed Haruna Dokoro, Oluwatobi Noah Akande & Aderonke Anthonia Kayode
   Algorithm / Method used: Formation of SQL injection string patterns; Designing a parse tree for the various forms of attacks
   About: Every form of attack has certain characters and keywords that hackers manipulate to perpetrate their attacks; these characters and keywords are used to form the malicious code that carries out the various forms of attack. Identifying these injection codes helps in working out how to detect and prevent these attacks. A parse tree was used to represent the syntactic pattern of the various forms of SQL injection and cross-site scripting attacks.
7. An Efficient Technique for Detection and Prevention of SQL Injection Attack using ASCII Based String Matching (2011)
   Authors: Indrani Balasundarama, E. Ramarajb
   Algorithm / Method used: Proposed SQLIA-Protector Mechanism; An Authentication Scheme using Hybrid Encryption
   About: For a high level of security the proposed scheme consists of filtration phases at the static and dynamic level. The first phase is the Malicious Text Detector, the second phase is the Constraint Identifier, the third phase is Static Query Analysis and the fourth phase is the Text-based Key Generator.
8. TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks (2011)
   Authors: Kai Xiang Zhang, Chia-Jun Lin et al.
   Algorithm / Method used: A solution in the form of TransSQL to detect malicious SQL queries
   About: It is a server-side solution, so no modification or update is required in the legacy web application. Automatic and platform-independent deployment and installation. No need to learn LDAP, thus the user's training cost is null.
9. An Approach for SQL Injection Vulnerability Detection - AMNeSIA (2009)
   Authors: M. Junjin
   Algorithm / Method used: Static analysis; Runtime analysis
   About: Automatically generates SQL query models on the basis of the possible legitimate queries by analysing the web application code. Scans all dynamically generated SQL queries and checks their compliance with the statically generated models.
10. A SQL Injection Detection Method Based on Adaptive Deep Forest (2019)
    Authors: Qi Li, Weishi Li, Junfeng Wang, Mingyu Cheng
    Algorithm / Method used: (1) An adaptive deep forest-based method is incorporated to detect complex SQL injection attacks. (2) The AdaBoost algorithm is used. It is based on the deep forest model, which utilizes the error rate to update the weights of features on each layer.
    About: (1) Using this methodology, the existing problem of deterioration in the efficiency of features of deep forests as the number of layers increases is tackled completely. (2) The structure of the tree model can be modified automatically. (3) Multi-dimensional fine-grained features can be dealt with properly to avoid the problem of over-fitting. (4) The methodology experimentally demonstrates not only better detection accuracy and low computational cost but also high flexibility and high robustness.
11. SQL Injection Detection for Web Applications Based on Elastic-Pooling CNN (2019)
    Authors: Xin Xie, Chunhui Ren, Yusheng Fu, Jie Xu, Jinhong Guo
    Algorithm / Method used: (1) A Convolutional Neural Network (CNN) is a powerful deep feedforward neural network which can replicate the formation mechanism employed in organisms for vision cognition. (2) The CNN is applied to the detection of SQL injection in Web applications, and detection of SQL injection attacks from very large web logs is done. (3) This method automatically extracts the hidden common features of SQL injection and is thus able to identify new attacks that bypass regular SQL injection detection.
    About: (1) Identification of new and harmful attacks can be done successfully with the help of irregular matching characteristics and is thus much more difficult to bypass. (2) Since the vocabulary is usually small, the training difficulty and cost are reduced considerably. (3) This method can also be beneficially used as an auxiliary method to existing traditional SQL detection methods.
12. JS-SAN: defense mechanism for HTML5-based web applications against javascript code injection vulnerabilities (2016)
    Authors: Shashank Gupta, B.B. Gupta
    Algorithm / Method used: (1) An injection- and clustering-based sanitization framework, i.e. JS-SAN (JavaScript SANitizer), for the mitigation of JS code injection vulnerabilities. (2) It generates an attack vector template by clustering the extracted JS attack vector payloads according to their level of similarity. It then sanitizes the extracted JS attack vector template by an automated technique of placing sanitizers in the source code of the generated templates of web applications.
    About: (1) The proposed framework validates its novelty by producing a lower rate of false negatives and tolerable runtime overhead as compared to existing sanitization-based approaches.

13. Detection and Prevention of Code Injection Attacks on HTML5-Based Apps (2015)
    Authors: Xi Xiao; Ruibo Yan; Runguo Ye; Qing Li; Sancheng Peng; Yong Jiang
    Algorithm / Method used: (1) JavaScript code is encoded in a human-unreadable form. Then classification algorithms of machine learning are used to determine whether an app suffers from the code injection attack or not.
    About: (1) Precision of the proposed detection method reaches 95.3%. (2) Compared to the other methods, the new approach improves detection speed a lot with the precision nearly unchanged. (3) An improved access control model is proposed to mitigate the attack damage. (4) Filters are adopted to remove JavaScript code from data to prevent the attacks.
14. Detecting and Removing Web Application Vulnerabilities with Static Analysis and Data Mining (2016)
    Authors: Ibéria Medeiros; Nuno Neves; Miguel Correia
    Algorithm / Method used: (1) Taint analysis, which finds candidate vulnerabilities, is combined with data mining to predict the existence of false positives. (2) Automatic code correction by inserting fixes in the source code. (3) The proposed approach was implemented in the WAP tool, and an experimental evaluation was performed with a large set of PHP applications.
    About: (1) It is an enhanced form of detection. (2) This novel study brings together two approaches that have been considered orthogonal until now. (3) It combines humans coding the knowledge about vulnerabilities (for taint analysis) and automatically obtaining that knowledge (with machine learning, for data mining).
15. Study On SQL Injection Attacks: Mode, Detection And Prevention (2016)
    Authors: Subhranil Som, Sapna Sinha, Ritu Kataria
    Algorithm / Method used: (1) The paper deals with security at both ends by proposing two systems for avoiding SQL Injection Attacks. Its two stages are: a) Frontend Phase, b) Backend Phase. (2) Initially, at the front end, the database is secured from any SQLIA. An additional field in the client table is used to store the Final Hash Code, which is obtained during the enrollment of a client for the first time and is put into the client table along with the client name and secret key. (3) In the backend phase, the framework handles SQLIA on Web applications by tokenization and encryption for detection and prevention.
    About: (1) This paper demonstrates a strategy to convert an SQL query into a number of useful tokens by applying tokenization and then encoding all literals, fields, tables and information in the query with the AES algorithm to avoid SQLIA. (2) This methodology enables quick and efficient access to the database and avoids the memory requirement of storing the actual query in a repository. (3) Because of its low processing overhead, this methodology has a negligible impact on performance even under higher load conditions and does not require real changes to the application code.
16. Web based testing application security system using semantic comparison method (2018)
    Authors: Akbar Iskandar, Muhammad Resa Fahlepi Tuasamu, Suryadi Syamsu, M Mansyur, Tri Listyor﻿ini, Sulfikar Sallu, S Supriyono, Kundharu Saddhono, Darmawan Napitupulu and Robbi Rahim
    Algorithm / Method used: (1) This research uses the semantic comparison method to detect SQL injection. Semantic comparisons are performed by parsing each statement and comparing the syntactic data structures. If the syntax structures of the two queries are equivalent, then the queries induce equivalent semantic actions on the database server. (2) Research based on a use case of a registration and login form.
    About: (1) The design and testing of the system on the registration form shows that if there is a field that has not been filled or is empty on the registration form, then a message notification says that the field must be filled; after all the fields are filled, the semantic comparison will compare the query in the system database. The password created by the user has been encrypted, and the encrypted password will be decrypted using an MD5 decrypter, where the data is encrypted using an encryption key so that it is difficult for someone to read. (2) Therefore, every website or web application needs to apply the semantic comparison method and the Message Digest 5 (MD5) algorithm, which is widely used to prevent attacks from crackers who are trying to find a web vulnerability, because most applications accessed via the internet have a login page which is used to authenticate app users. (3) The attacker intends to log in without using the correct username and correct password, but as if entering the correct username. If the attacker uses an injection like "hacker' OR '1'='1' --" as the username and, say, "something" as the password, then the query will be like this: Select * from login where user = 'hacker' OR '1' = '1' --' and pass = 'something'. When this query is run in the database, it will always be considered correct and authentication will succeed. (4) Based on the results and design of the research, it can be concluded that using the semantic comparison method can prevent dangerous Structured Query Language injection attacks and can secure the accounts of web testing users by using MD5.

17. SQL Injection (2013)
    Authors: Stephanie Reetz, SOC Analyst
    Algorithm / Method used: (1) This paper talks about various SQL injection vulnerabilities, attack scenarios, blind SQL injection and mitigation.
    About: (1) The three main defense strategies against SQL injection are parameterized queries, stored procedures, and input validation. The first option is the use of parameterized queries. They require that all SQL code is first defined and then parameters are passed to the query. They are easier to write than dynamic queries and help prevent SQL injection by differentiating between the SQL code and the user-supplied data. (2) The second defense strategy, comparable to the first, is the use of stored procedures, which prevent SQL injection as long as they do not include any unsafe dynamic SQL generation. (3) The third approach is to escape all user-supplied input before adding it to a query. When user-supplied input is escaped, special characters are replaced with characters the database should not confuse with SQL code written by the developer. The specific functions used for escaping user-supplied input vary by server-side scripting language.
18. A Study on SQL Injection Techniques (2016)
    Authors: Rubidha Devi D., R. Venkatesan, Raghuraman K.
    Algorithm / Method used: (1) Comprehensive coverage of topics like the basics of SQL injection, its types, and recent attacks as a case study. (2) Tautology SQL injection, one of the code injection techniques, is widely used as a data-driven attack as per the security-related literature and causes severe damage to organizational data banks.
    About:
    (1) SQL injection through tautologies, used for bypassing authentication, like ->
        Select * from userdet where uid='abcd' and pwd='a' or '3'='3'
    (2) SQL injection through union, used for extracting data, like ->
        Select * from userdet where uid='' union select * from details -- and pwd='a';
    (3) SQL injection through piggybacked queries, used to extract different datasets, like ->
        SELECT Rno FROM St WHERE login = 'abc' AND pass = ''; DROP table St --'
    (4) SQL injection through inference, used for determining the database schema, like ->
        SELECT name, email FROM members WHERE id=1; IF SYSTEM_USER='sa' SELECT 1/0 ELSE SELECT 5
    (5) SQL injection through stored procedures, used for executing remote commands, like ->
        SELECT Eid, Ename FROM Employee WHERE Ename LIKE '8' or '8' = '8'; EXEC master.dbo.xp_cmdshell 'dir'--'
19. Using Parse Tree Validation to Prevent SQL Injection Attacks
    Authors: Gregory T. Buehrer, Bruce W. Weide, and Paolo A. G. Sivilotti
    Algorithm / Method used: (1) A parse tree is a data structure for the parsed representation of a statement. Parsing a statement requires the grammar of the statement's language. By parsing two statements and comparing
    About: (1) Most web applications employ a middleware technology designed to request information from a relational database in SQL. SQL injection is a common technique hackers employ to attack these web-based applications. These attacks

20. Detection of SQL Injection attacks: A Machine Learning Approach
    Authors: Musaab Hasan, Zayed Balbahaith, Mohammed Tarique
    Algorithm / Method used: This paper talks about various SQL injection vulnerabilities, attack scenarios, Support Vector Machine (SVM), Naïve Bayes, the RBC control mechanism and SQL detection.
    About: It is easy and fast to predict the class of the test data set. It also performs well in multi-class prediction. When the assumption of independence holds, a Naive Bayes classifier performs better compared to other models like logistic regression, and you need less training data.

21. Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention
    Authors: T.P. Latchoumi, Manoj Sahit Reddy, K. Balamurugan
    Algorithm / Method used: The proposed detection model may report vulnerabilities in web applications. Gives developers a confidence boost in their own code.
    About: Continuous web security against the OWASP threats.
22. Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention
    Authors: Solomon Uwagbole, William J Buchanan, L. Fan
    Algorithm / Method used: Support vector machine learning, proxy filters
    About: SVM works relatively well when there is a clear margin of separation between classes. SVM is more effective in high-dimensional spaces. SVM is effective in cases where the number of dimensions is greater than the number of samples. SVM is relatively memory efficient.

23. An Improved SQL Injection Attack Detection Model Using Machine Learning Techniques
    Authors: Yazeed Abdulmalik
    Algorithm / Method used: SQL static and dynamic analysis.
    About: It identifies vulnerabilities in a runtime environment. Automated tools provide flexibility on what to scan for. It allows for analysis of applications in which you do not have access to the actual code.

24. SQL Injection Detection Using Machine Learning (2019)
    Authors: Sonali Mishra
    Algorithm / Method used: SQL injection (Union, Blind, Error), Naïve Bayes, Ensemble Learning, Bagging and Boosting.
    About: Performance: an ensemble can make better predictions and achieve better performance than any single contributing model. Robustness: an ensemble reduces the spread or dispersion of the predictions and of model performance.
25. Detection of SQL Injection using Machine Learning: A Survey (Nov 2019)
    Authors: Tareek Pattewar, Hitesh Patil, Harshada Patil, Neha Patil, Muskan Taneja, Tushar Wadile
    Algorithm / Method used: Naïve Bayes, bagging and boosting, gradient boosting. Encryption algorithms: MD5 algorithm, AES algorithm.
    About: MD5 algorithms are useful because it is easier to compare and store these smaller hashes than to store a large variable-length text. ... Moreover, it is very easy to generate a message digest of the original message using this algorithm.

26. SQL Injection Detection using Machine Learning
    Authors: Anamika Joshi and Geetha V.
    Algorithm / Method used: Using the Naïve Bayes ML algorithm.
    About: It is easy and fast to predict the class of the test data set. It also performs well in multi-class prediction. When the assumption of independence holds, a Naive Bayes classifier performs better compared to other models like logistic regression, and you need less training data.

27. SCAMM: Detection and Prevention of SQL Injection Attacks
    Authors: Auninda Alam, Marjan Tahreen, Md Moin Alam, Shahnewaz Ali Mohammad, Shohag Rana
    Algorithm / Method used: They use machine learning algorithms to train their model so that it may detect any known kind of SQL injection attempt and even identify new approaches to attacks from its previous training.
    About: This model can be used to supplement the protective measures of any kind of website. It can be used to protect the database of various web applications. It is expected to serve as an added layer of protection for the database servers of any kind of system.
28. Prevention Of SQL Injection Attack Using Unsupervised Machine Learning Approach
    Authors: M.N. Kavitha, V. Vennila, G. Padmapriya, A. Rajiv Kannan
    Algorithm / Method used: SQL injection detection using machine learning serves as a prevention mechanism for the use of any database on the server side. In this methodology, a CFG segment is built up that lives on the server side [12]. The system checks for the SQL injection attack patterns that are affixed to the values passed to the application server prior to the processing of the query made by the client.
    About: Two levels of security are defined in this system: in the first level, the patterns produced by the rules, and relating these values with the pattern produced by the rules that are set for SQL attacks.

29. Web Application Attacks Detection Using Machine Learning Techniques
    Authors: Gustavo Betarte, Rodrigo Martínez and Alvaro Pardo
    Algorithm / Method used: Here they use some ML techniques for web application attack detection.
    About: Most web applications employ a middleware technology designed to request information from a relational database in SQL.

30. SQL-IDS: Evaluation of SQLi Attack Detection and Classification Based on Machine Learning Techniques
    Authors: Naghmeh Moradpoor Sheykhkanloo
    Algorithm / Method used: Here a neural network-based model for the detection and classification of SQLi attacks is proposed.
    About: The NN model deals with URL addresses that have already been classified as either benign or malicious. It also has knowledge about the type of SQLi attack for malicious URLs. The NN model receives this information from the URL classifier and takes it into account for three phases: training, validating and testing, with distribution rates of 70%, 15%.
Techniques | Classifier(s) | Performance | Dataset
HIPS Bayesian | Naïve Bayes Multinomial | Accuracy = 97.6% | SQL injections data collection framework
SQLI-IDS | Back propagation Network | Overall accuracy = 96.8% | Dataset of 13,000 URL addresses including 500 benign URLs and 12,500 malicious URLs
Sheykhkanloo et al. | Neural Network Based Model | Accuracy = 95% | Dataset of 25,000 URL addresses including 12,250 benign URLs and 12,250 malicious URLs
Verbruggen et al. | Decision Tree, SVM, Random Tree, JRip, Neural Network, Random Forest | Recognition Rate = 98.6% for Neural Network | 6 different datasets containing 1,875 malicious packets and 11,444 normal packets
Wang et al. | Stacked AutoEncoder | Precision 100% | 0.3 million TCP flow data collected from an internal network
Ingre et al. | Decision Tree | Accuracy = 83.7% | NSL-KDD
Moosa et al. | Neural network, Multi-layer Feed Forward | Accuracy = 66.67% | 300 SQL injection signatures and around 200 XSS signatures collected from different websites
SQLIGOT | SVM | Accuracy = 93.9% | 178 codes including 101 normal codes and 77 malicious codes
Joshi et al. | Naïve Bayes | Accuracy = 96.23% | 4,610 injected sequences and 4,884 genuine sequences
Modsecurity with ML | K-NN (K=3), SVM, Random Forest, Neural Network | Precision 97% | CSIC-2010, DRUPAL, and PKDD2007
TbD-NNbR | Neural Network | Accuracy = 99.23% | 1,655 queries tested, 451 malicious queries and 1,204 legal queries
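Rows 16 and 18 of the survey show the tautology payload hacker' OR '1'='1' -- turning the login query into one that is always true, and row 17 names parameterized queries as the first line of defense. The block below is an added example, not code from this report or from any of the surveyed papers: it runs both query shapes against a constructed in-memory SQLite table. The table, the two accounts, the passwords and the SHA-256 stand-in for the paper's MD5 are all assumptions made for the demonstration.

```python
import hashlib
import sqlite3

# Constructed sample accounts; the table mirrors the shape of the surveyed
# paper's query: select * from login where user = ... and pass = ...
USERS = {"alice": "correct horse", "bob": "battery staple"}

# Tautology payload quoted in the survey (rows 16 and 18).
PAYLOAD = "hacker' OR '1'='1' --"


def digest(password):
    # Demo stand-in for the paper's MD5: a bare SHA-256 is still not a
    # password hash; production code would use a salted, slow KDF.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def setup_db():
    """In-memory SQLite table populated with the constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE login (user TEXT PRIMARY KEY, pass TEXT NOT NULL)")
    conn.executemany("INSERT INTO login VALUES (?, ?)",
                     [(u, digest(p)) for u, p in USERS.items()])
    return conn


def login_concat(conn, user, password):
    """Vulnerable shape: untrusted text is spliced into the SQL string, so the
    quote in the payload ends the literal and the rest becomes SQL code."""
    query = ("SELECT user FROM login WHERE user = '" + user
             + "' AND pass = '" + digest(password) + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_param(conn, user, password):
    """Hardened shape (row 17's first defense): the SQL text is fixed and the
    values travel as bound parameters, so a quote is just a character."""
    row = conn.execute(
        "SELECT user FROM login WHERE user = ? AND pass = ?",
        (user, digest(password)),
    ).fetchone()
    return row[0] if row else None


def run_demo():
    """Run both shapes against the same table and collect the outcomes."""
    conn = setup_db()
    results = {
        # The tautology makes the concatenated WHERE always true and comments
        # out the password check, so some account comes back as logged in.
        "concat_tautology": login_concat(conn, PAYLOAD, "something"),
        # Bound as a value, the payload is just an unknown user name.
        "param_tautology": login_param(conn, PAYLOAD, "something"),
        "param_valid": login_param(conn, "alice", "correct horse"),
        "param_wrong_pw": login_param(conn, "alice", "wrong"),
        # A legitimate apostrophe is handled correctly when bound ...
        "param_apostrophe": login_param(conn, "o'neil", "x"),
    }
    # ... but breaks the concatenated query: the resulting syntax error is the
    # symptom defenders look for in database error logs.
    try:
        login_concat(conn, "o'neil", "x")
        results["concat_apostrophe"] = "ok"
    except sqlite3.Error:
        results["concat_apostrophe"] = "sql error"
    conn.close()
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name:18} -> {outcome!r}")
```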
Architecture flow:

Proposed ML architecture:
Implementation:

import numpy as np
import pandas as pd
import os
import math
import collections

import re

# this regex is using to make tokens.


sql_regex =
re.compile("(?P<UNION>UNION\s+(ALL\s+)?SELECT)|(?P<PREFIX>([\'\"\)]|((\'|\"|\)|\d+|\w+)\s))(\|\|\
&\&|and|or|as|where|IN\sBOOLEAN\sMODE)(\s|\()(\(?\'?-?\d+\'?(=|LIKE|<|>|<=|>=)\'?-
?\d+|\(?[\'\"\\\"]\S+[\'\"\\\"](\s+)?(=|LIKE|<|>|<=|>=)(\s+)?[\'\"\\\"]))|(?P<USUAL>([\'\"]\s*)(\|\||\&
\&|and|or)(\s*[\'\"])(\s*[\'\"])=)|(?P<DROP>;\s*DROP\s+(TABLE|DATABASE)\s(IF\s+EXISTS\s)?\S+)|(?
P<NOTIN>\snot\sin\s?\((\d+|(\'|\")\w+(\'|\"))\))|(?P<LIMIT>LIMIT\s+\d+(\s+)?,(\s+)?\d+)|GROUP_CO
NCAT\((?P<GRPCONCAT>.*?)\)|(?P<ORDERBY>ORDER\s+BY\s+\d+)|CONCAT\((?P<CONCAT>.*?)\)|(?P
<CASEWHEN>\(CASE\s(\d+\s|\(\d+=\d+\)\s|NULL\s)?WHEN\s(\d+|\(?\d+=\d+\)?|NULL)\sTHEN\s(\d+|
\(\d+=\d+\)|NULL)\sELSE)|(?P<DBNAME>(?:(?:m(?:s(?:ysaccessobjects|ysaces|ysobjects|ysqueries|ysr
elationships|ysaccessstorage|ysaccessxml|ysmodules|ysmodules2|db)|aster\.\.sysdatabases|ysql\.db
)|s(?:ys(?:\.database_name|aux)|chema(?:\W*\(|_name)|qlite(_temp)?_master)|d(?:atabas|b_nam)
e\W*\(|information_schema|pg_(catalog|toast)|northwind|tempdb)))|(?P<DATABASE>DATABASE\(\)
)|(?P<DTCNAME>table_name|column_name|table_schema|schema_name)|(?P<CAST>CAST\(.*AS\s+
\w+\))|(?P<INQUERY>\(SELECT[^a-z_0-
9])|(?P<CHRBYPASS>((CHA?R\(\d+\)(,|\|\||\+)\s?)+)|CHA?R\((\d+,\s?)+\))|(?P<FROMDB>\sfrom\s(du
al|sysmaster|sysibm)[\s.:])|(?P<MYSQLFUNC>[^.](ABS|ACOS|ADDDATE|ADDTIME|AES_DECRYPT|AES
_ENCRYPT|ANY_VALUE|ASCII|ASIN|ASYMMETRIC_DECRYPT|ASYMMETRIC_DERIVE|ASYMMETRIC_EN
CRYPT|ASYMMETRIC_SIGN|ASYMMETRIC_VERIFY|ATAN|ATAN2|AVG|BENCHMARK|BIN|BIT_AND|BI
T_COUNT|BIT_LENGTH|BIT_OR|BIT_XOR|CAST|CEIL|CEILING|CHAR|CHAR_LENGTH|CHARACTER_LEN
GTH|CHARSET|COALESCE|COERCIBILITY|COLLATION|COMPRESS|CONCAT|CONCAT_WS|CONNECTIO
N_ID|CONV|CONVERT|CONVERT_TZ|COS|COT|COUNT|COUNT|CRC32|CREATE_ASYMMETRIC_PRIV_
KEY|CREATE_ASYMMETRIC_PUB_KEY|CREATE_DH_PARAMETERS|CREATE_DIGEST|CURDATE|CURREN
T_DATE|CURRENT_TIME|CURRENT_TIMESTAMP|CURRENT_USER|CURTIME|DATABASE|DATE|DATE_
ADD|DATE_FORMAT|DATE_SUB|DATEDIFF|DAY|DAYNAME|DAYOFMONTH|DAYOFWEEK|DAYOFYEA
R|DECODE|DEFAULT|DEGREES|ELT|ENCODE|EXP|EXPORT_SET|EXTRACT|EXTRACTVALUE|FIELD|FIN
D_IN_SET|FLOOR|FORMAT|FOUND_ROWS|FROM_BASE64|FROM_DAYS|FROM_UNIXTIME|Geometr
yCollection|GET_FORMAT|GET_LOCK|GREATEST|GROUP_CONCAT|GTID_SUBSET|GTID_SUBTRACT|H
EX|HOUR|IF|IFNULL|IIF|IN|INET_ATON|INET_NTOA|INET6_ATON|INET6_NTOA|INSERT|INSTR|INTE
RVAL|IS_FREE_LOCK|IS_IPV4|IS_IPV4_COMPAT|IS_IPV4_MAPPED|IS_IPV6|IS_USED_LOCK|ISNULL|JS
ON_APPEND|JSON_ARRAY|JSON_ARRAY_APPEND|JSON_ARRAY_INSERT|JSON_CONTAINS|JSON_CON
TAINS_PATH|JSON_DEPTH|JSON_EXTRACT|JSON_INSERT|JSON_KEYS|JSON_LENGTH|JSON_MERGE|J
SON_OBJECT|JSON_QUOTE|JSON_REMOVE|JSON_REPLACE|JSON_SEARCH|JSON_SET|JSON_TYPE|JS
ON_UNQUOTE|JSON_VALID|LAST_INSERT_ID|LCASE|LEAST|LEFT|LENGTH|LineString|LN|LOAD_FILE|
LOCALTIME|LOCALTIMESTAMP|LOCATE|LOG|LOG10|LOG2|LOWER|LPAD|LTRIM|MAKE_SET|MAKED
ATE|MAKETIME|MASTER_POS_WAIT|MAX|MBRContains|MBRCoveredBy|MBRCovers|MBRDisjoint|
MBREquals|MBRIntersects|MBROverlaps|MBRTouches|MBRWithin|MICROSECOND|MID|MIN|MINU
TE|MOD|MONTH|MONTHNAME|MultiLineString|MultiPoint|MultiPolygon|NAME_CONST|NOT
IN|NOW|NULLIF|OCT|OCTET_LENGTH|OLD_PASSWORD|ORD|PERIOD_ADD|PERIOD_DIFF|PI|Point|P
olygon|POSITION|POW|POWER|PROCEDURE
ANALYSE|QUARTER|QUOTE|RADIANS|RAND|RANDOM_BYTES|RELEASE_ALL_LOCKS|RELEASE_LOCK|
REPEAT|REPLACE|REVERSE|RIGHT|ROUND|ROW_COUNT|RPAD|RTRIM|SCHEMA|SEC_TO_TIME|SEC
OND|SESSION_USER|SHA1|SHA2|SIGN|SIN|SLEEP|SOUNDEX|SPACE|SQRT|ST_Area|ST_AsBinary|ST
_AsGeoJSON|ST_AsText|ST_Buffer|ST_Buffer_Strategy|ST_Centroid|ST_Contains|ST_ConvexHull|ST_
Crosses|ST_Difference|ST_Dimension|ST_Disjoint|ST_Distance|ST_Distance_Sphere|ST_EndPoint|ST
_Envelope|ST_Equals|ST_ExteriorRing|ST_GeoHash|ST_GeomCollFromText|ST_GeomCollFromWKB|S
T_GeometryN|ST_GeometryType|ST_GeomFromGeoJSON|ST_GeomFromText|ST_GeomFromWKB|ST
_InteriorRingN|ST_Intersection|ST_Intersects|ST_IsClosed|ST_IsEmpty|ST_IsSimple|ST_IsValid|ST_La
tFromGeoHash|ST_Length|ST_LineFromText|ST_LineFromWKB|ST_LongFromGeoHash|ST_MakeEnvel
ope|ST_MLineFromText|ST_MLineFromWKB|ST_MPointFromText|ST_MPointFromWKB|ST_MPolyFro
mText|ST_MPolyFromWKB|ST_NumGeometries|ST_NumInteriorRing|ST_NumPoints|ST_Overlaps|ST
_PointFromGeoHash|ST_PointFromText|ST_PointFromWKB|ST_PointN|ST_PolyFromText|ST_PolyFro
mWKB|ST_Simplify|ST_SRID|ST_StartPoint|ST_SymDifference|ST_Touches|ST_Union|ST_Validate|ST
_Within|ST_X|ST_Y|StartPoint|STD|STDDEV|STDDEV_POP|STDDEV_SAMP|STR_TO_DATE|STRCMP|S
UBDATE|SUBSTR|SUBSTRING|SUBSTRING_INDEX|SUBTIME|SUM|SYSDATE|SYSTEM_USER|TAN|TIME
|TIME_FORMAT|TIME_TO_SEC|TIMEDIFF|TIMESTAMP|TIMESTAMPADD|TIMESTAMPDIFF|TO_BASE6
4|TO_DAYS|TO_SECONDS|TRIM|TRUNCATE|UCASE|UNCOMPRESS|UNCOMPRESSED_LENGTH|UNHE
X|UNIX_TIMESTAMP|UpdateXML|UPPER|USER|UTC_DATE|UTC_TIME|UTC_TIMESTAMP|UUID|UUID
_SHORT|VALIDATE_PASSWORD_STRENGTH|VALUES|VAR_POP|VAR_SAMP|VARIANCE|VERSION|WAI
T_FOR_EXECUTED_GTID_SET|WAIT_UNTIL_SQL_THREAD_AFTER_GTIDS|WEEK|WEEKDAY|WEEKOFYE
AR|WEIGHT_STRING|YEAR|YEARWEEK)\()|(?P<BOOLEAN>\'?-?\d+\'?(=|LIKE)\'?-?\d+($|\s|\)|,|--
|#)|[\'\"\\\"]\S+[\'\"\\\"](\s+)?(=|LIKE)(\s+)?[\'\"\\\"]\S+)|(?P<PLAIN>(@|##|#)[A-Z]\w+|[A-
Z]\w*(?=\s*\.)|(?<=\.)[A-Z]\w*|[A-Z]\w*(?=\()|`(``|[^`])*`|´(´´|[^´])*´|[_A-Z][_$#\w]*|[가-힣]+)",
re.IGNORECASE)

# Imports used by the code below (re, math, os, collections and pandas).
import re
import math
import os
import collections
import pandas as pd
from itertools import groupby

# Now we use the regex in Python to tokenize each SQLi or plain-text sample.
def Sql_tokenizer(raw_sql):
    # Sequence of matched group names with adjacent repeats collapsed;
    # a string with no match at all is treated as a single PLAIN token.
    if sql_regex.search(raw_sql):
        return [tok[0] for tok in groupby([match.lastgroup for match in sql_regex.finditer(raw_sql)])]
    else:
        return ['PLAIN']

# Build all 1..N-gram token sequences, each rendered as a string so it can serve as a table key.
def GetTokenSeq(token_list, N):
    token_seq = []
    for n in range(0, N):
        token_seq += zip(*(token_list[i:] for i in range(n+1)))
    return [str(seq) for seq in token_seq]

# G-Test score for likelihood ratio stats
def G_test_score(count, expected):
    if count == 0:
        return 0
    else:
        return 2.0 * count * math.log(count/expected)

# Pre-processing to get the G-Test score of every token n-gram for each class
def G_test(tokens, types):
    tokens_cnt = tokens.value_counts().astype(float)
    types_cnt = types.value_counts().astype(float)
    total_cnt = float(sum(tokens_cnt))

    # calculate each token's count per class
    token_cnt_table = collections.defaultdict(lambda: collections.Counter())
    for _tokens, _types in zip(tokens.values, types.values):
        token_cnt_table[_tokens][_types] += 1

    # create a dataset (one row per token, one column per class) from the token counts
    tc_dataframe = pd.DataFrame(list(token_cnt_table.values()), index=list(token_cnt_table.keys()))
    tc_dataframe.fillna(0, inplace=True)

    # calculate the expected count and the G-score for each class column
    for column in tc_dataframe.columns.tolist():
        #tc_dataframe[column] += 1
        tc_dataframe[column+'_exp'] = (tokens_cnt / total_cnt) * types_cnt[column]
        tc_dataframe[column+'_GTest'] = [G_test_score(tkn_count, exp) for tkn_count, exp in
                                         zip(tc_dataframe[column], tc_dataframe[column+'_exp'])]

    return tc_dataframe

# Get string entropy (Shannon entropy of the character distribution, in bits)
def Entropy(raw_sql):
    p, lns = collections.Counter(str(raw_sql)), float(len(str(raw_sql)))
    return -sum(count/lns * math.log(count/lns, 2) for count in p.values())

# Get the mean G-score of the token n-grams (uses the global tc_dataframe built below)
def G_means(token_seq, c_name):
    try:
        g_scores = [tc_dataframe.loc[token][c_name] for token in token_seq]
    except KeyError:
        return 0    # an n-gram never seen in training makes the whole sample score 0
    return sum(g_scores)/len(g_scores) if g_scores else 0  # Average

# Read data from file. You should change this path!!
basedir = '/Users/dorkboy/Desktop/Sql-Injection/source/trainingdata'
filelist = os.listdir(basedir)
df_list = []
for file in filelist:
    if file == '.DS_Store':
        continue
    # the separator never occurs in the data, so every line becomes one raw_sql value
    df = pd.read_csv(os.path.join(basedir, file), sep='Aw3s0meSc0t7', names=['raw_sql'], header=None,
                     engine='python')
    df['type'] = 'plain' if file.split('.')[0] == 'plain' else 'sqli'
    df_list.append(df)

# pandas gives us a spreadsheet-like dataframe
dataframe = pd.concat(df_list, ignore_index=True)
dataframe.dropna(inplace=True)
print(dataframe['type'].value_counts())

# tokenize raw sql
dataframe['sql_tokens'] = dataframe['raw_sql'].map(lambda x: Sql_tokenizer(x))

# get token sequences (1-, 2- and 3-grams)
dataframe['token_seq'] = dataframe['sql_tokens'].map(lambda x: GetTokenSeq(x, 3))

_tokens, _types = zip(*[(token, token_type)
                        for token_list, token_type in zip(dataframe['token_seq'], dataframe['type'])
                        for token in token_list])
tc_dataframe = G_test(pd.Series(_tokens), pd.Series(_types))

# now we set the real features for the machine learning algorithm
dataframe['token_length'] = dataframe['sql_tokens'].map(lambda x: len(x))
dataframe['entropy'] = dataframe['raw_sql'].map(lambda x: Entropy(x))
dataframe['sqli_g_means'] = dataframe['token_seq'].map(lambda x: G_means(x, 'sqli_GTest'))
dataframe['plain_g_means'] = dataframe['token_seq'].map(lambda x: G_means(x, 'plain_GTest'))

# matrix of feature vectors (DataFrame.as_matrix was removed from pandas; use to_numpy)
X = dataframe[['token_length', 'entropy', 'sqli_g_means', 'plain_g_means']].to_numpy()

# encode the categorical label ('plain' -> 0, 'sqli' -> 1)
from sklearn.preprocessing import LabelEncoder
labelencoder_y = LabelEncoder()
y = labelencoder_y.fit_transform(dataframe['type'].tolist())

from sklearn.model_selection import train_test_split
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, random_state=0)

'''
# Feature scaling, not used here.
from sklearn.preprocessing import StandardScaler
sc_X = StandardScaler()
X_train = sc_X.fit_transform(X_train)
X_test = sc_X.transform(X_test)
'''
from sklearn.ensemble import GradientBoostingClassifier
clf = GradientBoostingClassifier(n_estimators=100, learning_rate=1.0, max_depth=7,
                                 random_state=0).fit(X_train, y_train)
print("Gradient Boosting Tree Accuracy: %f" % clf.score(X_test, y_test))

# you can check your own test data
def Check_is_sql(sql):
    # pre-processing: remove comments /* ... */ and the MySQL /*!num ... */ form
    _tmp = re.sub(r'(/\*[\w\d(\`|\~|\!|\@|\#|\$|\%|\^|\&|\*|\(|\)|\-|\_|\=|\+|\[|\{|\]|\}|\\|\:|\;|\'|\"|\<|\>|\,|\.|\?)\s\r\n\v\f]*\*/)', ' ', sql)
    _tmp = re.sub(r'(/\*!\d+|\*/)', ' ', _tmp)

    sql_tokens = Sql_tokenizer(_tmp.strip())
    token_seq = GetTokenSeq(sql_tokens, 3)
    sqli_g_means = G_means(token_seq, 'sqli_GTest')
    plain_g_means = G_means(token_seq, 'plain_GTest')
    _X = [[len(sql_tokens), Entropy(sql), sqli_g_means, plain_g_means]]
    return clf.predict(_X)[0]

check_data = "%' or '0'='0"

res = Check_is_sql(check_data)
print("Test Cycle: %s" % check_data)
print(" ")
print("Result: ")
if res == 1:
    print("[THIS IS A CODE CONTAINING SQL INJECTION]")
else:
    print("[THIS IS A NORMAL TEXT]")
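The pipeline above depends on the report's training files, on pandas and on scikit-learn, which makes it hard to see what the token n-gram G-test features actually compute. The following is an added example, not code from the report or its authors: the same pipeline (token-type regex, 1..3-gram token sequences, per-class G-test table, character entropy) re-implemented in plain Python on a handful of constructed rows. The compact TOKEN_REGEX and its group names, the strip_comments() helper, TRAINING_ROWS and the predict_label() rule are all assumptions made for illustration; the report's real regex is far larger and its decision is made by the gradient boosting model, not by comparing the two G-means directly.

```python
# Added example, not the report's own code: the report's feature pipeline
# (token-type regex -> token n-grams -> per-class G-test table -> entropy)
# re-implemented in pure Python so it runs without pandas or scikit-learn.
# TOKEN_REGEX, its group names, strip_comments(), TRAINING_ROWS and
# predict_label() are assumptions for illustration, not the report's own.
import collections
import math
import re
from itertools import groupby

# Assumed stand-in for the report's much larger named-group tokenizer regex.
TOKEN_REGEX = re.compile(
    r"(?P<COMMENT>--[^\n]*|#[^\n]*|/\*.*?\*/)"
    r"|(?P<BOOLEAN>'?-?\d+'?\s*(?:=|LIKE)\s*'?-?\d+)"
    r"|(?P<STRING>'(?:''|[^'])*')"
    r"|(?P<KEYWORD>\b(?:SELECT|UNION|OR|AND|FROM|WHERE|DROP|TABLE|INSERT|NULL)\b)"
    r"|(?P<FUNC>\b[A-Z_]\w*(?=\())"
    r"|(?P<NUMBER>\b\d+\b)"
    r"|(?P<OP>=|<>|!=|<|>|\(|\)|;|,)"
    r"|(?P<PLAIN>\b[A-Z_]\w*)",
    re.IGNORECASE,
)

# Constructed training rows (text, label); a real run reads the report's files.
TRAINING_ROWS = [
    ("1 or 1=1", "sqli"),
    ("' or '1'='1", "sqli"),
    ("1; drop table users", "sqli"),
    ("1 union select null, null", "sqli"),
    ("hello world", "plain"),
    ("john smith", "plain"),
    ("order number 42", "plain"),
    ("please call me", "plain"),
]

def strip_comments(sql):
    # Drop /* ... */ blocks, then any unterminated /*!num or stray */ (as the report does).
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)
    return re.sub(r"/\*!\d+|\*/", " ", sql)

def tokenize(raw_sql):
    # Matched group names with adjacent repeats collapsed, like Sql_tokenizer;
    # a string with no match at all becomes a single PLAIN token.
    if not TOKEN_REGEX.search(raw_sql):
        return ["PLAIN"]
    return [name for name, _ in groupby(m.lastgroup for m in TOKEN_REGEX.finditer(raw_sql))]

def token_ngrams(token_list, n_max):
    # All 1..n_max-grams of the token sequence, rendered as strings (table keys).
    grams = []
    for n in range(1, n_max + 1):
        grams.extend(zip(*(token_list[i:] for i in range(n))))
    return [str(g) for g in grams]

def g_test_score(count, expected):
    # Likelihood-ratio term used by the report: 2 * O * ln(O / E), zero when O == 0.
    return 0.0 if count == 0 else 2.0 * count * math.log(count / expected)

def g_test_table(pairs):
    # pairs: list of (ngram, label). Returns {ngram: {label: G-score}} with
    # expected count E = (ngram total / grand total) * label total.
    pairs = list(pairs)
    ngram_cnt = collections.Counter(g for g, _ in pairs)
    label_cnt = collections.Counter(l for _, l in pairs)
    joint_cnt = collections.Counter(pairs)
    total = sum(ngram_cnt.values())
    table = {}
    for gram, gc in ngram_cnt.items():
        table[gram] = {}
        for label, lc in label_cnt.items():
            expected = gc / total * lc
            table[gram][label] = g_test_score(joint_cnt[(gram, label)], expected)
    return table

def entropy(text):
    # Shannon entropy of the character distribution, in bits.
    if not text:
        return 0.0
    counts = collections.Counter(text)
    n = float(len(text))
    return -sum(c / n * math.log(c / n, 2) for c in counts.values())

def g_means(ngrams, table, label):
    # Mean G-score over the n-grams present in the table. Unlike the report's
    # G_means, an n-gram never seen in training is skipped, not zeroing the sample.
    scores = [table[g][label] for g in ngrams if g in table]
    return sum(scores) / len(scores) if scores else 0.0

def build_table(rows, n_max=3):
    pairs = [(g, label) for text, label in rows for g in token_ngrams(tokenize(text), n_max)]
    return g_test_table(pairs)

def featurize(text, table, n_max=3):
    # The report's four features: token count, entropy, sqli G-mean, plain G-mean.
    tokens = tokenize(strip_comments(text).strip())
    grams = token_ngrams(tokens, n_max)
    return [len(tokens), entropy(text), g_means(grams, table, "sqli"), g_means(grams, table, "plain")]

def predict_label(text, table):
    # Stand-in for the report's gradient-boosting model: flag a sample whose
    # n-grams score higher for the sqli class than for the plain class.
    _, _, sqli_score, plain_score = featurize(text, table)
    return "sqli" if sqli_score > plain_score else "plain"
```

Calling `build_table(TRAINING_ROWS)` and then `featurize("1 or 1=1 /* probe */ --", table)` shows the effect of the comment stripping and of the n-gram scores: the `('KEYWORD', 'BOOLEAN')` bigram only ever occurs in the sqli rows, so its sqli G-score is positive and its plain G-score is zero, while a bare `('PLAIN',)` token scores the other way round. Skipping unseen n-grams in `g_means` is a deliberate departure from the report's `G_means`, whose `except KeyError: return 0` makes any sample with one never-seen n-gram score zero on both classes, which is exactly the kind of input an evasion attempt produces; a detector should degrade to the evidence it has rather than to no evidence.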

Output Screenshot: