An information theoretic approach to detect SQLI Intrusion

BOUKAROUI, HADJER; Supervisor:  SAOUDI, LALIA; Supervisor: Fernini, Belabdelouahab

An information theoretic approach to detect SQLI Intrusion

Files

BOTIKAROUI HADJER.PDF (8.4 MB)

Date

2015-06-10

Authors

BOUKAROUI, HADJER

Supervisor: SAOUDI, LALIA

Supervisor: Fernini, Belabdelouahab

Publisher

University of M'sila

Abstract

SQL Injection (SQLI) is a widespread vulnerability commonly found in web-based programs. Exploitations of SQL injection vulnerabilities lead to harmful consequences such as authentication bypassing and leakage of sensitive personal information. Therefore, SQLI needs to be mitigated to protect end users. In this work, we present an approach to detect SQLI attacks based on information theory. We compute the entropy of each query present in a program accessed before program deployment. During the program execution time, when an SQL query is invoked, we compute the entropy again to identify any change in the entropy measure for that query. The approach then relies on the assumption that dynamic queries with attack inputs result in increased or decreased level of entropy. In contrast, a dynamic query with benign inputs does not result in any change of entropy value.

Keywords

SQL injection, software vulnerability, information theory, entropy.

URI

http://dspace.univ-msila.dz:8080//xmlui/handle/123456789/38653

Collections

Master Thesis

Full item page

An information theoretic approach to detect SQLI Intrusion

Files

Date

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Description

Keywords

Citation

URI

Collections