dc.contributor.author | Pinzon, Cristian I. | |
dc.contributor.author | Paz, Juan F. de | |
dc.contributor.author | Herrero Cosío, Álvaro | |
dc.contributor.author | Corchado, Emilio | |
dc.contributor.author | Bajo, Javier | |
dc.contributor.author | Corchado, Juan M. | |
dc.date.accessioned | 2015-11-10T11:32:01Z | |
dc.date.available | 2015-11-10T11:32:01Z | |
dc.date.issued | 2013-05 | |
dc.identifier.issn | 0020-0255 | |
dc.identifier.uri | http://hdl.handle.net/10259/3875 | |
dc.description.abstract | This study presents a multiagent architecture aimed at detecting SQL injection attacks, which are one of the most prevalent threats for modern databases. The proposed architecture is based on a hierarchical and distributed strategy where the functionalities are structured on layers. SQL-injection attacks, one of the most dangerous attacks to online databases, are the focus of this research. The agents in each one of the layers are specialized in specific tasks, such as data gathering, data classification, and visualization. This study presents two key agents under a hybrid architecture: a classifier agent that incorporates a Case-Based Reasoning engine employing advanced algorithms in the reasoning cycle stages, and a visualizer agent that integrates several techniques to facilitate the visual analysis of suspicious queries. The former incorporates a new classification model based on a mixture of a neural network and a Support Vector Machine in order to classify SQL queries in a reliable way. The latter combines clustering and neural projection techniques to support the visual analysis and identification of target attacks. The proposed approach was tested in a real-traffic case study and its experimental results, which validate the performance of the proposed approach, are presented in this paper | en |
dc.description.sponsorship | Spanish Ministry of Science projects OVAMAH (TIN 2009-13839-C03-03) and MIDAS (TIN 2010-21272-C02-01), funded by the European Regional Development Fund, projects of the Junta of Castilla and Leon BU006A08 and JCYL-2002-05; Projects of the Spanish Government SA071A08, CIT-020000-2008-2 and CIT-020000-2009-12; the Professional Excellence Program 2006-2010 IFARHU-SENACYT-Panama. The authors would also like to thank the vehicle interior manufacturer, Grupo Antolin Ingenieria S.A., within the framework of the project MAGNO2008 - 1028. - CENIT Project funded by the Spanish Ministry. | en |
dc.format.mimetype | application/pdf | |
dc.language.iso | eng | es |
dc.publisher | Elsevier | en |
dc.relation.ispartof | Information Sciences. 2013, V. 231, p. 15–31 | en |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Intrusion Detection | en |
dc.subject | SQL injection attacks | en |
dc.subject | Data mining | en |
dc.subject | CBR | en |
dc.subject | SVM | en |
dc.subject | Neural networks | en |
dc.subject.other | Informática | es |
dc.subject.other | Computer science | en |
dc.title | idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining | en |
dc.type | info:eu-repo/semantics/article | |
dc.rights.accessRights | info:eu-repo/semantics/openAccess | |
dc.relation.publisherversion | http://dx.doi.org/10.1016/j.ins.2011.06.020 | |
dc.identifier.doi | 10.1016/j.ins.2011.06.020 | |
dc.relation.projectID | info:eu-repo/grantAgreement/JCyL/BU006A08 | |
dc.relation.projectID | info:eu-repo/grantAgreement/JCyL/JCYL-2002-05 | |
dc.relation.projectID | info:eu-repo/grantAgreement/MICINN/TIN 2009-13839-C03-03 | |
dc.relation.projectID | info:eu-repo/grantAgreement/MICINN/TIN 2010-21272-C02-01 | |
dc.relation.projectID | info:eu-repo/grantAgreement/MICINN/CIT-020000-2008-2 | |
dc.relation.projectID | info:eu-repo/grantAgreement/MICINN/CIT-020000-2009-12 | |
dc.relation.projectID | info:eu-repo/grantAgreement/GE/SA071A08 | |
dc.type.hasVersion | info:eu-repo/semantics/acceptedVersion | en |