Digital immunisation through network packets payload analysis and patterns-matching within a security boundary

PhD (part-time): 2011 - 0

phd image
SQL Injection Attack (SQLIA) remains today one of the top techniques used by a computer network intruder to pilfer an organisation’s confidential data. This is done by an intruder re-crafting web requests with malicious intent, to compromise the security of an organisation’s confidential data stored in the back-end database. The database is the most valuable data source, and thus, intruders are unrelenting in constantly evolving new techniques to bypass the solutions currently provided to mitigate SQLIA. Intruders becoming smarter in obfuscating web requests combined with increasing volumes of web traffic has made it evident that the existing approaches of static signature detection and prevention methods lack the ability to cope with processing high volumes of obfuscated web traffic, having to continuously play catch-up to create new slow performing signatures. There is therefore a need for an automated scalable methodology in pre-processing of SQLIA features fit for supervised learning model. This can be achieved through exploring an alternative bio-inspired pattern matching approach which is a direction towards a high accuracy of true positives and negatives in SQLIA detection and prevention.
[Read More]

Team

Solomon Uwagbole
Student
s.uwagbole@napier.ac.uk
+44 131 455 2779
Jessie Kennedy
Panel Chair
j.kennedy@napier.ac.uk
+44 131 455 2772
William Buchanan
Director of Studies
w.buchanan@napier.ac.uk
+44 131 455 2759

Related publications

Uwagbole, S., Buchanan, W., Fan, L. (2012). Novel Tracking of Rogue Network Packets Using Danger Theory Approach. 11th European Conference on Information Warfare and Security (ECIW-2012), , (), .

Resources