GDL

Journal from gdlhub / 2019-05-04 10:37:07
Oleh : Rajif Agung Yunmar, Kursor
Dibuat : 2019-05-04, dengan 1 file

Keyword : hybrid intrusion detection system, signature-based IDS, sql injection, fuzzy logic.
Url : http://kursorjournal.org/index.php/kursor/article/view/147
Sumber pengambilan dokumen : WEB

SQL injection attacks toward web application increasingly prevalent. Testing to the web

that will published is the one of preventive measures. However, this method sometimes

ineffective because constrained by various things. Instrusion detection system (IDS) has

ability to help and protect the website from various attacks. This study proposed a hybrid

IDS for web applications from SQL injection attacks. The IDS built based on hybrid

architecture with a signature-based detection method, type of data that will be analyzed is

network data packet and error log. The fuzzy logic inference engine used to be drawn the

conclusion based on analyzed data. Proposed hybrid IDS tested against various types of

SQL injection attack, such as Tautology, UNION query, Piggy-backed query, Malformed

query, Stored Procedure, and Alternate Encoding. System testing is done with three

scenarios with the aim of seeing the hybrid IDS response to the occurrence of false

positives and false negative, including: testing with normal website access, testing with

normal website access but inserting suspicious strings as part of SQL injection, and access

that is truly a SQL injection attack. The result test shows that proposed hybrid IDS has

good performance on detecting the various type of SQL injection attack, and significantly

reduce or even remove the false positive and false negative.

Beri Komentar ?#(0) | Bookmark

Properti	Nilai Properti
ID Publisher	gdlhub
Organisasi	Kursor
Nama Kontak	Herti Yani, S.Kom
Alamat	Jln. Jenderal Sudirman
Kota	Jambi
Daerah	Jambi
Negara	Indonesia
Telepon	0741-35095
Fax	0741-35093
E-mail Administrator	elibrarystikom@gmail.com
E-mail CKO	elibrarystikom@gmail.com