950 results for SQL injection


Relevance: 100.00%

Abstract:

SQL Injection Attack (SQLIA) remains a technique used by a computer network intruder to pilfer an organisation's confidential data. This is done by an intruder re-crafting web form inputs and query strings used in web requests with malicious intent, to compromise the security of an organisation's confidential data stored in the back-end database. The database is the most valuable data source, and thus intruders are unrelenting in constantly evolving new techniques to bypass the signature-based solutions currently provided in Web Application Firewalls (WAF) to mitigate SQLIA. There is therefore a need for an automated, scalable methodology for the pre-processing of SQLIA features fit for a supervised learning model. However, obtaining a ready-made scalable dataset that is feature-engineered with numerical attributes to train Artificial Neural Network (ANN) and Machine Learning (ML) models is a known issue in applying artificial intelligence to effectively address ever-evolving novel SQLIA signatures. The proposed approach applies a numerical attributes encoding ontology to encode features (both legitimate web requests and SQLIA) as numerical data items, so as to extract a scalable dataset for input to a supervised learning model, moving towards an ML SQLIA detection and prevention model. In the numerical attributes encoding of features, the proposed model explores a hybrid of static and dynamic pattern matching by implementing a Non-Deterministic Finite Automaton (NFA). This is combined with a proxy and a SQL parser Application Programming Interface (API) to intercept and parse web requests in transit to the back-end database. In developing a solution to address SQLIA, this model allows web requests processed at the proxy and deemed to contain an injected query string to be blocked from reaching the target back-end database.
This paper is intended to evaluate the performance metrics of a dataset obtained by numerical encoding of the features ontology in Microsoft Azure Machine Learning (MAML) Studio using a Two-Class Support Vector Machine (TCSVM) binary classifier. This methodology then forms the subject of the empirical evaluation.

Relevance: 100.00%

Abstract:

SQL injection is a common attack method used to extract information from a database or to compromise a company's network. This paper investigates four injection attacks that can be conducted against the PL/SQL engine of Oracle databases, comparing two recent releases (10g, 11g) of Oracle. The results of the experiments showed that both releases of Oracle were vulnerable to injection, but that the injection technique often differed in the packages in which it could be conducted.

Relevance: 100.00%

Abstract:

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations' databases. Intruders becoming smarter in obfuscating web requests to evade detection, combined with increasing volumes of web traffic from the Internet of Things (IoT), cloud-hosted and on-premise business applications, have made it evident that the existing, mostly static-signature approaches lack the ability to cope with novel signatures. A SQLIA detection and prevention solution can be achieved by exploring an alternative bio-inspired supervised learning approach that takes as input a labelled dataset of numerical attributes for classifying true positives and negatives. We present in this paper Numerical Encoding to Tame SQLIA (NETSQLIA), which implements a proof of concept for scalable numerical encoding of features into dataset attributes with a labelled class obtained from deep web traffic analysis. In the numerical attributes encoding, the model leverages a proxy for the interception and decryption of web traffic. The intercepted web requests are then assembled for front-end SQL parsing and pattern matching by applying a traditional Non-Deterministic Finite Automaton (NFA). This paper is intended as a technique for numerical attributes extraction of any size, primed as an input dataset to an Artificial Neural Network (ANN) and statistical Machine Learning (ML) algorithms implemented using a Two-Class Averaged Perceptron (TCAP) and Two-Class Logistic Regression (TCLR) respectively. This methodology then forms the subject of the empirical evaluation of the suitability of this model for the accurate classification of both legitimate web requests and SQLIA payloads.

Relevance: 60.00%

Abstract:

With this document, we provide a compilation of in-depth discussions on some of the most current security issues in distributed systems. The six contributions have been collected and presented at the 1st Kassel Student Workshop on Security in Distributed Systems (KaSWoSDS'08). We are pleased to present a collection of papers that not only shed light on the theoretical aspects of their topics, but are also accompanied by elaborate practical examples. In Chapter 1, Stephan Opfer discusses viruses, one of the oldest threats to system security. For years there has been an arms race between virus producers and anti-virus software providers, with no end in sight. Stefan Triller demonstrates how malicious code can be injected into a target process using a buffer overflow in Chapter 2. Websites usually store their data and user information in databases. Like buffer overflows, the possibilities of performing SQL injection attacks targeting such databases are left open by unwary programmers. Stephan Scheuermann gives us a deeper insight into the mechanisms behind such attacks in Chapter 3. Cross-site scripting (XSS) is a method of inserting malicious code into websites viewed by other users. Michael Blumenstein explains this issue in Chapter 4. While code can be injected into other websites via XSS attacks in order to spy out the data of internet users, spoofing subsumes all methods that directly involve taking on a false identity. In Chapter 5, Till Amma shows us different ways in which this can be done and how it is prevented. Last but not least, cryptographic methods are used to encode confidential data in such a way that even if it falls into the wrong hands, the culprits cannot decode it. Over the centuries, many different ciphers have been developed, applied, and finally broken. Ilhan Glogic sketches this history in Chapter 6.

Relevance: 60.00%

Abstract:

Edshare for INFO2009 coursework 2 - Team 'DROP TABLE groups;

Relevance: 60.00%

Abstract:

The project consists of a web vulnerability search portal, called Krashr, whose goal is to check whether a web page entered by a user contains any kind of exploitable vulnerability, and additionally to help that user fix the vulnerabilities found. It has a back-end written in Python with a PostgreSQL database, a web front-end written in AngularJS, and an API based on Node.js and Express that connects the two sides.

Relevance: 60.00%

Abstract:

This paper presents a distributed hierarchical multi-agent architecture for detecting SQL injection attacks against databases. It uses a novel strategy, supported by a Case-Based Reasoning mechanism, which provides the classifier agents with a great capacity for learning and adaptation to face this type of attack. The architecture combines strategies from intrusion detection systems such as misuse detection and anomaly detection. It has been tested and the results are presented in this paper.

Relevance: 20.00%

Abstract:

A flow injection method for the quantitative analysis of ketoconazole in tablets, based on the reaction with iron(III) ions, is presented. Ketoconazole forms a red complex with iron ions in an acid medium, with maximum absorbance at 495 nm. The detection limit was estimated to be 1×10^-4 mol L^-1; the quantitation limit is about 3×10^-4 mol L^-1 and approximately 30 determinations can be performed in an hour. The results were compared with those obtained with a reference HPLC method. Statistical comparisons were done using the Student's t procedure and the F test. Complete agreement was found at the 0.95 significance level between the proposed flow injection and the HPLC procedures. The two methods present similar precision, i.e., for HPLC the mean relative standard deviation was ca. 1.2% and for FIA ca. 1.6%.

Relevance: 20.00%

Abstract:

In this work, the development and evaluation of a hyphenated flow injection-capillary electrophoresis system with on-line pre-concentration is described. Preliminary tests were performed to investigate the influence of flow rates on the analytical signals. Results revealed losses in sensitivity for the FIA-CE system when compared to the conventional CE system. To overcome the signal decrease and to make the system more efficient, a lower flow rate was set and an anionic resin column was added to the flow manifold in order to pre-concentrate the analyte. The pre-concentration FIA-CE system presented a sensitivity improvement of about 660%, with only a small increase of 8% in total peak dispersion. These results have confirmed the great potential of the proposed system for many analytical tasks, especially for low-concentration samples.

Relevance: 20.00%

Abstract:

This paper describes a sequential injection chromatography procedure for the determination of picloram in waters, exploiting the low backpressure of a 2.5 cm long monolithic C18 column. Separation of the analyte from the matrix was achieved in less than 60 s using a mobile phase composed of 20:80 (v/v) acetonitrile:5.0 mmol L^-1 H3PO4 and a flow rate of 30 μL s^-1. Detection was made at 223 nm with a 40 mm optical path length cell. The limits of detection and quantification were 33 and 137 μg L^-1, respectively. The proposed method is sensitive enough to monitor the maximum concentration level for picloram in drinking water (500 μg L^-1). The sampling frequency is 60 analyses per hour, consuming only 300 μL of acetonitrile per analysis. The proposed methodology was applied to spiked river water samples and no statistically significant differences were observed in comparison to a conventional HPLC-UV method.

Relevance: 20.00%

Abstract:

This work describes a photo-reactor to perform in-line degradation of organic compounds by the photo-Fenton reaction using a Sequential Injection Analysis (SIA) system. A copper phthalocyanine-3,4′,4″,4‴-tetrasulfonic acid tetrasodium salt dye solution was used as a model compound for the phthalocyanine family, whose pigments are widely used in the automotive coatings industry. Based on preliminary tests, 97% colour removal was obtained from a solution containing 20 µmol L^-1 of this dye.

Relevance: 20.00%

Abstract:

Background: Cell therapy approaches for biologic cardiac repair hold great promise, although basic fundamental issues remain poorly understood. In the present study we examined the effects of timing and route of administration of bone marrow cells (BMC) post-myocardial infarction (MI) and the efficacy of an injectable biopolymer scaffold to improve cardiac cell retention and function. Methodology/Principal Findings: (99m)Tc-labeled BMC (6×10^6 cells) were injected by 4 different routes in adult rats: intravenous (IV), left ventricular cavity (LV), left ventricular cavity with temporary aortic occlusion (LV(+)) to mimic coronary injection, and intramyocardial (IM). The injections were performed 1, 2, 3, or 7 days post-MI and cell retention was estimated by gamma-emission counting of the organs excised 24 h after cell injection. IM injection improved cell retention and attenuated cardiac dysfunction, whereas the IV, LV or LV(+) routes were somewhat inefficient (< 1%). Cardiac BMC retention was not influenced by timing except for the IM injection, which showed greater cell retention at 7 (16%) vs. 1, 2 or 3 (average of 7%) days post-MI. Cardiac cell retention was further improved by an injectable fibrin scaffold at day 3 post-MI (17 vs. 7%), even though morphometric and function parameters evaluated 4 weeks later displayed similar improvements. Conclusions/Significance: These results show that cells injected post-MI display a comparable tissue distribution profile regardless of the route of injection, and that there is no time effect on cardiac cell accumulation for injections performed 1 to 3 days post-MI. As expected, the IM injection is the most efficient for cardiac cell retention; it can be further improved by co-injection with a fibrin scaffold, and it significantly attenuates cardiac dysfunction evaluated 4 weeks post myocardial infarction.
These pharmacokinetic data, obtained under similar experimental conditions, are essential for further development of these novel approaches.

Relevance: 20.00%

Abstract:

This work describes the coupling of a biomimetic sensor to a flow injection system for the sensitive determination of paracetamol. The sensor was prepared as previously described in the literature (M. D. P. T. Sotomayor, A. Sigoli, M. R. V. Lanza, A. A. Tanaka and L. T. Kubota, J. Braz. Chem. Soc., 2008, 19, 734) by modifying a glassy carbon electrode surface with a Nafion® membrane doped with iron tetrapyridinoporphyrazine (FeTPyPz), a biomimetic catalyst of the P450 enzyme. The performance of the sensor for paracetamol detection was investigated and optimized in a flow injection system (FIA) using a wall-jet electrochemical cell. Under optimized conditions a wide linear response range (1.0×10^-5 to 5.0×10^-2 mol L^-1) was obtained, with a sensitivity of 2579 (± 129) μA L μmol^-1. The detection and quantification limits of the sensor for paracetamol in the FIA system were 1.0 and 3.5 μmol L^-1, respectively. The analytical frequency was 51 samples h^-1, and over a period of five days (320 determinations) the biosensor maintained practically the same response. The system was successfully applied to paracetamol quantification in seven pharmaceutical formulations and in water samples from six rivers in São Paulo State, Brazil.

Relevance: 20.00%

Abstract:

A flow system designed with solenoid micro-pumps is proposed for the fast and greener spectrophotometric determination of free glycerol in biodiesel. Glycerol was extracted from samples without using organic solvents. The determination involves glycerol oxidation by periodate, yielding formaldehyde, followed by formation of the colored product (3,5-diacetyl-1,4-dihydrolutidine) upon reaction with acetylacetone. The coefficient of variation, sampling rate and detection limit were estimated as 1.5% (20.0 mg L^-1 glycerol, n = 10), 34 h^-1, and 1.0 mg L^-1 (99.7% confidence level), respectively. A linear response was observed from 5 to 50 mg L^-1, with reagent consumption estimated as 345 μg of KIO4 and 15 mg of acetylacetone per determination. The procedure was successfully applied to the analysis of biodiesel samples and the results agreed with the batch reference method at the 95% confidence level.

Relevance: 20.00%

Abstract:

In this work a downscaled multicommuted flow injection analysis setup for photometric determination is described. The setup consists of a flow system module and an LED-based photometer, with a total internal volume of about 170 μL. The system was tested by developing an analytical procedure for the photometric determination of iodate in table salt using N,N-diethyl-p-phenylenediamine (DPD) as the chromogenic reagent. Accuracy was assessed by applying the paired t-test between results obtained using the proposed procedure and a reference method, and no significant difference at the 95% confidence level was observed. Other profitable features were also achieved: a low reagent consumption of 7.3 μg DPD per determination; a linear response ranging from 0.1 up to 3.0 m IO3^- ; a relative standard deviation of 0.9% (n = 11) for samples containing 0.5 m IO3^-; a detection limit of 17 μg L^-1 IO3^-; a sampling throughput of 117 determinations per hour; and a waste generation of 600 μL per determination.