SciELO - Scientific Electronic Library Online



Revista Politécnica

Online version ISSN 2477-8990; print version ISSN 1390-0129


ANASCO, Cesar; MOROCHO, Karen and HALLO, María. Using Data Mining Techniques for the Detection of SQL Injection Attacks on Database Systems. Rev Politéc. (Quito) [online]. 2023, vol.51, n.2, pp.19-28. ISSN 2477-8990.

In any business organization, database infrastructures are subject to various structured query language (SQL) injection attacks, such as tautologies, alternative coding, stored procedures, use of the union operator, and piggyback, among others. This article describes a data mining project developed to mitigate the problem of identifying SQL injection attacks on databases. The project was conducted using an adaptation of the cross-industry standard process for data mining (CRISP-DM) methodology. A total of 12 Python libraries were used for cleaning, transformation, and modeling. The anomaly detection model was built using clustering by the k-nearest neighbors (kNN) algorithm. The query text was analyzed for the groups with anomalies to identify sentences presenting attack traces. A web interface was implemented to display the daily summary of the attacks found. The information source was the transaction log of a PostgreSQL database server. Our results allowed the identification of different SQL code injection attacks above 80%. The execution time for processing half a million transaction logs was approximately 60 minutes using a computer with the following characteristics: a 7th-generation Intel® Core i7 processor, 12 GB RAM and a 500 GB SSD.

Keywords: Log; Database Attacks; Anomalies; Queries; CRISP-DM; IDS (Intrusion Detection Systems).
