Title :
High-Interaction Honeypot System for SQL Injection Analysis
Author :
Ma, Jiao ; Chai, Kun ; Xiao, Yao ; Lan, Tian ; Huang, Wei
Author_Institution :
Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
In order to solve the problems that IDSs and firewalls cannot efficiently detect new SQL injection and too much time is wasted when the security personnel reads log files to analyze attacks, we proposed and implemented a high-interaction web honey pot system for SQL injection analysis. By (i)modifying PHP extension for MySQL to intercept data-base requests and (ii)adopting exception based and signature based detection techniques, the system can generate the corresponding attack graphs to solve problems above. For illustration, SQL injection attack examples are utilized to show the performance of the honey pot system. The results show that the honey pot system can intercept all database requests and increase the efficiency of SQL injection analysis with the attack graphs. This system provides an efficient and timely detection on the new SQL injection and helps security personnel quickly analyzing the new SQL injection with the attack graph.
Keywords :
Internet; SQL; authorisation; computer network security; graphs; IDS; MySQL; PHP extension; SQL injection attack; attack graph; firewall; high-interaction Web honeypot system; high-interaction honeypot system; intercept database request; log file; security personnel; signature based detection technique; Computers; Information technology; SQL injection; attack graph; honeypot;
Conference_Titel :
Information Technology, Computer Engineering and Management Sciences (ICM), 2011 International Conference on
Conference_Location :
Nanjing, Jiangsu
Print_ISBN :
978-1-4577-1419-1
DOI :
10.1109/ICM.2011.287
