[Home ] [Archive]   [ فارسی ]  
:: Main :: Archive :: About :: Search :: Submit :: Contact ::
Main Menu
Home::
Journal Information::
About the Journal
Editorial Board
Aims& Scopes
Journal News
Articles archive::
All Issues
Current Issue
For Authors::
Call for Papers
Submission Instruction
Submission Form
For Reviewers::
Reviewers Section
Registration::
Registration Information
Registration Form
Contact us::
Contact Information
Contact us
Site Facilities::
Site map
Search contents
FAQ
Top 10 contents
Inform to friends
::
Search in website

Advanced Search
..
Receive site information
Enter your Email in the following box to receive the site news and information.
..
:: Volume 5, Issue 1 (9-2021) ::
C4I Journal 2021, 5(1): 87-98 Back to browse issues page
Optimizing the detection of SQL injection attacks using a combination of random forest and genetic algorithms
Javad Moradi * , Majid Ghayoori
Imam Hossein University
Abstract:   (1275 Views)
Despite all the efforts of security experts to detect SQL injection attacks, according to OWASP  report’s, SQL injection attack is still used as the most important cyber attack by attackers. In order to detect attacks, two methods are used: signature-based and behavior-based. Signature-based methods are used for known attacks, and behavior-based methods are suitable for detecting unknown attacks. Behavior-based intrusion detection systems are more useful because attacks are implemented in different ways. Behavior can be analyzed by methods such as classification, clustering, etc. One of the most important classification algorithms is the random forest algorithm which has high accuracy and on the other hand the implementation and interpretation of the results can be done easily using this algorithm. According to the studies, the accuracy of the random forest algorithm is highly dependent on its input parameters. These parameters include 9 items, including the number of trees, their depth, voting method, information gain, and so on. Optimal determination of these parameters is an optimization problem with large state space. In this research, a method based on genetic algorithm to determine the optimal values of these parameters is presented. Due to the optimal determination of the parameters, the obtained results show an improvement in the detection accuracy compared to the default state of the algorithm and other researches. The evaluation results indicate that the intrusion detection accuracy in the proposed method was %98, which is about %11 higher than the random forest algorithm with default parameters and %08 higher than previous studies.
Keywords: Random forest algorithm, Genetic algorithm, SQL injection attack, Database intrusion detection system
Full-Text [PDF 503 kb]   (320 Downloads)    
Type of Study: Research | Subject: Information and Communication Security
Received: 2020/09/1 | Accepted: 2021/05/2 | Published: 2021/08/19
Send email to the article author

Add your comments about this article
Your username or Email:

CAPTCHA

XML   Persian Abstract   Print

Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
moradi J, ghayoori M. Optimizing the detection of SQL injection attacks using a combination of random forest and genetic algorithms. C4I Journal 2021; 5 (1) :87-98
URL: http://ic4i-journal.ir/article-1-201-en.html
Rights and permissions
Creative Commons License This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Volume 5, Issue 1 (9-2021) Back to browse issues page
فصلنامه علمی-پژوهشی فرماندهی و کنترل C4I Journal

 
Persian site map - English site map - Created in 0.05 seconds with 37 queries by YEKTAWEB 4645