WEKO3
アイテム
A Learning Algorithm of Threshold Value on the Automatic Detection of SQL Injection Attack
https://ipsj.ixsq.nii.ac.jp/records/82838
https://ipsj.ixsq.nii.ac.jp/records/828382e87ad09-c55d-4c97-8077-d09444c04932
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-MPS12089010.pdf (435.4 kB)
|
Copyright (c) 2012 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | SIG Technical Reports(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2012-07-09 | |||||||
| タイトル | ||||||||
| タイトル | A Learning Algorithm of Threshold Value on the Automatic Detection of SQL Injection Attack | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | A Learning Algorithm of Threshold Value on the Automatic Detection of SQL Injection Attack | |||||||
| 言語 | ||||||||
| 言語 | eng | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_18gh | |||||||
| 資源タイプ | technical report | |||||||
| 著者所属 | ||||||||
| Faculty of Information Technology and Business, Cyber University | ||||||||
| 著者所属 | ||||||||
| Faculty of Information Technology and Business, Cyber University | ||||||||
| 著者所属 | ||||||||
| Faculty of Information Technology and Business, Cyber University | ||||||||
| 著者所属 | ||||||||
| Research Institute for Science and Engineering, Waseda University | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Faculty of Information Technology and Business, Cyber University | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Faculty of Information Technology and Business, Cyber University | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Faculty of Information Technology and Business, Cyber University | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Research Institute for Science and Engineering, Waseda University | ||||||||
| 著者名 |
Daiki, Koizumi
Takeshi, Matsuda
Michio, Sonoda
Shigeichi, Hirasawa
× Daiki, Koizumi Takeshi, Matsuda Michio, Sonoda Shigeichi, Hirasawa
|
|||||||
| 著者名(英) |
Daiki, Koizumi
Takeshi, Matsuda
Michio, Sonoda
Shigeichi, Hirasawa
× Daiki, Koizumi Takeshi, Matsuda Michio, Sonoda Shigeichi, Hirasawa
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. Those approaches, however, have some problems in terms of the size of list or calculation costs as the number of attacks increases. For this point, the authors have previously proposed a simple automatic detection algorithm of SQL injection attack. This algorithm requires to calculate the contained rate of suspicious characters with input sequence. This rate would be compared with a known real-valued threshold. This paper proposes the learning algorithm to choose the real-valued threshold from training data sets. Furthermore, some criteria would be considered and their performances would also be examined. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | The SQL injection attack causes very serious problem to web applications which have database including personal data. To detect the SQL injection attack, the parsing and the black list based on the existed attack have been widely used. Those approaches, however, have some problems in terms of the size of list or calculation costs as the number of attacks increases. For this point, the authors have previously proposed a simple automatic detection algorithm of SQL injection attack. This algorithm requires to calculate the contained rate of suspicious characters with input sequence. This rate would be compared with a known real-valued threshold. This paper proposes the learning algorithm to choose the real-valued threshold from training data sets. Furthermore, some criteria would be considered and their performances would also be examined. | |||||||
| 書誌レコードID | ||||||||
| 収録物識別子タイプ | NCID | |||||||
| 収録物識別子 | AN10505667 | |||||||
| 書誌情報 |
研究報告数理モデル化と問題解決(MPS) 巻 2012-MPS-89, 号 10, p. 1-6, 発行日 2012-07-09 |
|||||||
| Notice | ||||||||
| SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc. | ||||||||
| 出版者 | ||||||||
| 言語 | ja | |||||||
| 出版者 | 情報処理学会 | |||||||
