Authors:
Alexandra Rocha
1
;
Rui Alves
1
and
Tiago Pedrosa
1
;
2
;
3
Affiliations:
1
Instituto Politécnico de Bragança, Campus de Santa Apolónia, 5300-253 Bragança, Portugal
;
2
Research Centre in Digitalization and Intelligent Robotics (CeDRI), Instituto Politécnico de Bragança, Campus de Santa Apolónia, 5300-253 Bragança, Portugal
;
3
Laboratório Associado para a Sustentabilidade e Tecnologia em Regiões de Montanha (SuSTEC), Instituto Politécnico de Bragança, Campus de Santa Apolónia, 5300-253 Bragança, Portugal
Keyword(s):
SQL Injection, IDS, MySQL, Attacks, Detection.
Abstract:
Nowadays, more and more services are dependent on the use of resources hosted on the web. The realization of operations such as access to the account bank, credit card operations, among other operations, is something increasingly common in current times, demonstrating not only human dependence on the internet connection, as well as the need to adapt the web resources to the daily life of society. As a result of this growing dependency, web resources now provide a greater amount of confidential information, making the risk of a cyberattack and information leaking grow considerably. In the web context, one of the most well-known attacks is SQL injection that allows the attacker to exploit, through the injection of malicious queries, access to confidential information. This paper suggests a solution for the detection of SQL injection via web resources, using the analysis of the logs of the executed queries.