Currently, one of the most dangerous and common threats to databases and Web applications is the SQL injection attack.

juan-manuel-corchado-idmas-sql-01

It typically involves malicious modifications of the user SQL input either by adding additional clauses or by changing the structure of an existing clause. SQL injection enables attackers to access, modify, or delete critical information in a database without proper authorization. In spite of being a well-known type of attack, the SQL injection remains at the top of the published list of security threats. The solutions proposed so far seem insufficient to prevent and block this type of attack because these solutions lack the learning and adaptation capabilities for dealing with 0-day (previously unseen) attacks as well as new or future variations of attacks. Furthermore, the vast majority of these solutions are based on centralized mechanisms, with little capacity to work in distributed and dynamic environments.

The developed system is based on a hierarchical and distributed strategy where the functionalities are structured on layers. The agents in each one of the layers are specialized in specific tasks, such as data gathering, data classification, and visualization. This works presents two key agents under a hybrid architecture: a classifier agent that incorporates a Case-Based Reasoning engine employing advanced algorithms in the reasoning cycle stages; and a visualizer agent that integrates several techniques to facilitate the visual analysis of suspicious queries. The former incorporates a new classification model based on a mixture of a neural network and a Support Vector Machine in order to classify SQL queries in a reliable way. The latter combines clustering and neural projection techniques to support the visual analysis and identification of target attacks.

ASSOCIATED PROJECTS

NATIONALS

SQLCBR

Reference: TSI-020100-2008-31

Funding body: Ministerio de Industria, Turismo y Comercio. Avanza I+D. Acción Estratégica de Telecomunicaciones y Sociedad de la Información.

Collaborators: Universidad de Salamanca, Flag Solutions S.L.

Principal Research: Javier Bajo Pérez

Start date: 10/07/2008           End date: 25/12/2009

PUBLICATIONS

idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining. 

Authors: Cristian I. Pinzón, Juan F. De Paz, Álvaro Herrero, Emilio Corchado, Javier Bajo and Juan M. Corchado

Journal: Information Sciences. Volume 231, pp. 15-31. Elsevier BV.

Publication date: 2013

ISSN: 0020-0255 (Print)

DOI: 10.1016/j.ins.2011.06.020

juan-manuel-corchado-idmas-slq-02

 

 

Posted by Juan M. Corchado

Juan Manuel Corchado (15 de Mayo de 1971, Salamanca, España) Catedrático en la Universidad de Salamanca. Ha sido Vicerrector de Investigación desde el 2013 hasta el 2017 y Director del Parque Científico de la Universidad de Salamanca. Elegido dos veces como Decano de la Facultad de Ciencias, es Doctor en Ciencias de la Computación por la Universidad de Salamanca y, además, es Doctor en Inteligencia Artificial por la University of the West of Scotland. Dirige el Grupo de Investigación Reconocido BISITE (Bioinformática, Sistemas Inteligentes y Tecnología Educativa), creado en el año 2000. Director del IOT Digital Innovation Hub y presidente del AIR Institute, J. M. Corchado también es Profesor Visitante en el Instituto Tecnológico de Osaka desde enero de 2015, Profesor visitante en la Universiti Malaysia Kelantan y Miembro del Advisory Group on Online Terrorist Propaganda of the European Counter Terrorism Centre (EUROPOL). J. M. Corchado ha sido presidente de la asociación IEEE Systems, Man and Cybernetics, y coordinador académico del Instituto Universitario de Investigación en Arte y Tecnología de la Animación de la Unviersidad de Salamanca e investigador en las Universidades de Paisley (UK), Vigo (Spain) y en el Plymouth Marine Laboratory (UK). En la actualidad compagina toda su actividad con la dirección de los programas de Máster en Seguridad, Animación Digital, Telefonía Movil, Dirección de Sistemas de Información, Internet de las Cosas, Social Media, Diseño e Impresión 3D, Blockchain, Z System, Industria 4.0, Gestión de Proyectos Ágiles y Smart Cities & Intelligent Buildings​, en la Universidad de Salamanca y su trabajo como editor jefe de las revistas ADCAIJ (Advances in Distributed Computing and Artificial Intelligence Journal), OJCST (Oriental Journal of Computer Science and Technology) o Electronics MDPI (Computer Science & Engineering section). J. M. Corchado desarrolla principalmente trabajos en proyectos relacionados con Inteligencia Artificial, Machine Learning, Blockchain, IoT, Fog Computing, Edge Computing, Smart Cities, Smart Grids y Análisis de sentimiento.

Thanks for your comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.