Rule Based Detection of SQL Injection Attack
This paper presents an effective detection method RDUD for SQL injection attack. RDUD is an enhanced version of DUD. The method comprises a supervised machine learning approach using a Support Vector Machine(SVM) to learn and to classify a query at runtime. Two web profiles - legitimate web profile and attack web profile are generated for each of the web-application software which consists of a set of production rules extracted from the dynamic SQL queries. Both the web profiles are generated during training phase. At runtime a dynamic SQL query is matched with each of the web profile and accordingly it classify based on the matching distance.