IEICE Technical Committee Submission System
Conference Paper's Information
Online Proceedings
[Sign in]
... (for ESS/CS/ES/ISS)
Tech. Rep. Archives
... (for ES/CS)
 Go Top Page Go Previous   [Japanese] / [English] 

Paper Abstract and Keywords
Presentation 2014-09-12 13:25
Detection of Malicious Database Queries based on Matching with HTTP Requests
Yuichi Sudo, Takahiro Hamada, Yuichi Murata, Hideo Kitazume (NTT)
Abstract (in Japanese) (See Japanese page) 
(in English) If an attacker takes over a Web server by vulnerability attack or fraud login and so on, the attacker can control the server remotely and make the server to send a fraud SQL query to a database that has secret information or client information. Hence, the attacker can steal or modify such important information. In this paper, we propose the method that can detect fraud queries even if a Web server is taken over by an attacker. The proposed method monitors both HTTP requrests from clients to Web servers and SQL queries from Web servers to a database. It detects fraud SQL queries that cannot be generated at correct processing by verifying the correlation of monitored HTTP requests and SQL queries.
Keyword (in Japanese) (See Japanese page) 
(in English) Detection of Malicious Queries / Intrusion Detection / Database Protection / / / / /  
Reference Info. IEICE Tech. Rep., vol. 114, no. 207, IN2014-65, pp. 99-104, Sept. 2014.
Paper # IN2014-65 
Date of Issue 2014-09-04 (IN) 
ISSN Print edition: ISSN 0913-5685  Online edition: ISSN 2432-6380

Conference Information
Committee CS NS IN  
Conference Date 2014-09-11 - 2014-09-12 
Place (in Japanese) (See Japanese page) 
Place (in English) Tohoku Univ. Research Institute of Electrical Communication 2gokan 
Topics (in Japanese) (See Japanese page) 
Topics (in English) Post IP networking, Next Generation Network (NGN)/New Generation Network (NWGN), Contingency Plan/BCP, Network Coding/Network Algorithms, Session Management (SIP/IMS), Internetworking/Standardization, Network configuration, etc. 
Paper Information
Registration To IN 
Conference Code 2014-09-CS-NS-IN 
Language Japanese 
Title (in Japanese) (See Japanese page) 
Sub Title (in Japanese) (See Japanese page) 
Title (in English) Detection of Malicious Database Queries based on Matching with HTTP Requests 
Sub Title (in English)  
Keyword(1) Detection of Malicious Queries  
Keyword(2) Intrusion Detection  
Keyword(3) Database Protection  
Keyword(4)  
Keyword(5)  
Keyword(6)  
Keyword(7)  
Keyword(8)  
1st Author's Name Yuichi Sudo  
1st Author's Affiliation Nippon Telegraph and Telephone Corporation (NTT)
2nd Author's Name Takahiro Hamada  
2nd Author's Affiliation Nippon Telegraph and Telephone Corporation (NTT)
3rd Author's Name Yuichi Murata  
3rd Author's Affiliation Nippon Telegraph and Telephone Corporation (NTT)
4th Author's Name Hideo Kitazume  
4th Author's Affiliation Nippon Telegraph and Telephone Corporation (NTT)
5th Author's Name  
5th Author's Affiliation ()
6th Author's Name  
6th Author's Affiliation ()
7th Author's Name  
7th Author's Affiliation ()
8th Author's Name  
8th Author's Affiliation ()
9th Author's Name  
9th Author's Affiliation ()
10th Author's Name  
10th Author's Affiliation ()
11th Author's Name  
11th Author's Affiliation ()
12th Author's Name  
12th Author's Affiliation ()
13th Author's Name  
13th Author's Affiliation ()
14th Author's Name  
14th Author's Affiliation ()
15th Author's Name  
15th Author's Affiliation ()
16th Author's Name  
16th Author's Affiliation ()
17th Author's Name  
17th Author's Affiliation ()
18th Author's Name  
18th Author's Affiliation ()
19th Author's Name  
19th Author's Affiliation ()
20th Author's Name  
20th Author's Affiliation ()
Speaker
Date Time 2014-09-12 13:25:00 
Presentation Time 25 
Registration for IN 
Paper # IEICE-IN2014-65 
Volume (vol) IEICE-114 
Number (no) no.207 
Page pp.99-104 
#Pages IEICE-6 
Date of Issue IEICE-IN-2014-09-04 


[Return to Top Page]

[Return to IEICE Web Page]


The Institute of Electronics, Information and Communication Engineers (IEICE), Japan