[转载]A Learning-Based Approach to the Detection of SQL Attacks

信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

Unfortunately, it is not always possible to identify these attacks using signature-based intrusion detection systems, because of the ad hoc nature of many web-based ap- plications. Signatures are rarely written for this class of applications due to the substantial investment of time and expertise this would require. We have developed an anomaly-based system that learns the profiles of the normal database access performed by web-based applications using a number of different models. These models allow for the detection of unknown attacks with reduced false positives and limited overhead. In addition, our solution represents an improvement with respect to previ- ous approaches because it reduces the possibility of executing SQL-based mimicry attacks.