##plugins.themes.academic_pro.article.main##

Abstract

Internet may be the supreme supply of data, data is situated in distinct data format and can be accessible everywhere you go, consumer will get connection together with web by way of request covering available as GUI screen, signifies Net is accessible through the use of browser in which consumer might feed his/her data pertaining to authentication in case required through request. Seeing that on view natural environment involving web connection and design development, distinct authentication mechanism, security password safety and an incredible number of protection treatments have been made to defend the approval via unauthorized entry but still crooks are aimed towards distinct ways to break the actual protection, it may be through hit and walk methods, through infecting computer system, through surging computer system, But within the actual suggest cardstock a fresh strategy have been offered to get SQL-Injection being exposed, in case offered in user’s suggestions, the item assessments dilemma personal, finger prints and mapping blend to help think any intruding activities throughout the process,

This suggest strategy is simple to use, since it simply desires fingerprinting and mapping paradigm involving dilemma and all too easy to change, in case new personal is found, instead of positioning any overhead within the existing doing work process.

Keywords— SQL-Injection; SVM; Attack;

##plugins.themes.academic_pro.article.details##

Author Biography

Gunjan Shukla, Professor C.S. Satsangi, Medicaps Institute of Science and Technology, Indore

Information Technology
How to Cite
Professor C.S. Satsangi, G. S. (2015). SQL-Injection Vulnerability Analysis Using Machine Learning Technique. International Journal of Emerging Trends in Science and Technology, 2(06). Retrieved from http://igmpublication.org/ijetst.in/index.php/ijetst/article/view/770

References

1. Alexander Schaub,Emmanuel Schneider, Alexandros Hollender ,”Attacking Suggest Boxes in Web Applications Over HTTPS Using Side-Channel Stochastic Algorithms”, CRiSIS 2014 conference
2. A Classification of SQL Inject ion Attacks and Countermeasures: William G.J. Hal Fond and Alessandro Orso, Col lege of Computing, Georgia Institute of Technology.Gatech.edu.
3. D. Scott and R. Sharp, “Abstracting Application - level Web Security”, In Proceedings of the 11th International Conference on the World Wide Web (WWW 2002), Pages 396–407, 2002.Y. Huang, F. Yu, C. Hang, C. H. Tsai, D. T. Lee, and S. Y. Kuo.
4. “Securing Web Application Code by Static Analysis and Runtime Protection”, In Proceedings of the 12thInternational World Wide Web Conference (WWW 04), May 2004.
5. Xiang Fu, Xin Lu, Boris Peltsverger, Shijun Chen, "A Static Analysis Framework For Detecting SQL Injection Vulnerabilities", IEEE Transaction of computer software and application conference, 2007.
6. G.T. Buehrer, B.W.Weide and P.A..G.Sivilotti, "Using Parse tree validation to prevent SQL Injection attacks",In proc. Of the 5th International Workshop on Software Engineering and Middleware(SEM '056), Pages 106-113, Sep. 2005.
7. V.B. Livshits and M.S. Lam, "Finding Security vulnerability in java applications with static analysis", In proceedings of the 14th Usenix Security Symposium, Aug 2005.
8. William G.J. Halfond, Alessandro Orso,Panagiotis Manolios, "WASP:Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation", IEEE Transaction of Software Engineering Vol34 Nol, January/February 2008.
9. W.G. J. Halfond and A. Orso, "Combining Static Analysis and Run time monitoring to counter SQL Injection attacks", 3rd International workshop on Dynamic Analysis, St. Louis, Missouri, 2005, pp.1.
10. Marco Cova, Davide Balzarotti, Viktoria Felmetsger, and Giovanni vigna, " Swaddler: An approach for the anamoly based character distribution models in the detection of SQL Injection attacks", Recent Advances in Intrusion Detection System, Pages 63-86, Springerlink, 2007.
11. NTAGW ABIRA Lambert and KANG Song Lin ,” Use of Query Tokenization to detect and prevent SQL Injection Attacks”, IEEE,2010.
12. Vipin Das 1, Vijaya Pathak2, Sattvik Sharma3 , Sreevathsan4 , MVVNS.Srikanth5,Gireesh Kumar T,” NETWORK INTRUSION DETECTION SYSTEM BASED ON MACHINE LEARNING ALGORITHMS”, International Journal of Computer Science & Information Technology (IJCSIT), Vol 2, No 6, December 2010.
13. Shui Yu, Member, IEEE, Wanlei Zhou, Senior Member, IEEE,Weijia Jia, Senior Member, IEEE, Song Guo, Senior Member, IEEE,Yong Xiang, and Feilong Tang,(2012), “Discriminating DDoS Attacks from Flash Crowds Using Flow Correlation Coefficient”, IEEE Transactions On Parallel And Distributed Systems.
14. Sujatha Sivabalan, Dr P J Radcliffe (2013). “A Novel Framework to detect and block DDoS attack at the Application layer”IEEE 2013-Tencon.”
15. Tao Peng and Christopher Leckie and Kotagiri Ramamohanarao (2006), “Survey of Network-based Defense Mechanisms Countering the DoS and DDoS Problems,” ACM Transactions on Computational Logic.
16. XIE Yi and YU Shunzheng, “A Detection Approach of User Behaviors Based on HsMM”, ITC19/ Performance Challenges for Efficient Next Generation Networks.
17. Yang Xiang, Member, IEEE, Ke Li, and Wanlei Zhou (2011), “Low-Rate DDoS Attacks Detection and Trace back by Using New Information Metrics”, IEEE Transactions on Information Technology.
18. Yi Xie and Shun-Zheng Yu, (2009), “A Large-Scale Hidden Semi-Markov Model for Anomaly Detection on User Browsing Behaviors”, IEEE/ACM Transactions on Networking.
19. Yu Chen, Member IEEE, Kai Hwang, Fellow IEEE, and Wei-Shinn Ku, Member, IEEE “Collaborative Detection of DDoS Attacks over Multiple Network Domains” IEEE Transactions on Parallel And Distributed Systems.
20. Romil rawat,Shailendra Kumar Shrivastava,” SQL injection attack Detection using SVM”,ijca, Volume 42– No.13, March 2012.