SQL injection detection and prevention system with raspberry Pi honeypot cluster for trapping attacker

Supeno Djanali, F. X. Arunanto, Baskoro Adi Pratomo, Hudan Studiawan, Satrio Gita Nugraha

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)

Abstract

One of the most common security attack for web application is SQL injection. It is an attack to acquire access to application?s database through injection of script or malicious query attributes. This attack can be executed in any page of web application which interacts with database. SQL injection could be more dangerous if the victim was an enterprise system such as online banking. Many methods have been researched and developed to prevent SQL injection attacks. One of them is the use of a honeypot. This paper proposed a method for increasing system?s capability to detect and prevent SQL injection attacks based on removal of SQL query attribute values and honeypot for trapping attackers. A honeypot is placed as decoy system to hide actual web server from attacker. Malicious queries from attackers will be sent to honeypot while normal queries will be sent directly to the real web server. Honeypot is also used to provide activity logging of each attack which can be used for further analysis. We play with Raspberry Pi because it is cheap and effective to be used as a honeypot. Due to its limited computational ability, we make cluster to improve its power. Based on conducted experiments, we could achieve up to 64% accuracy of SQL injection attack. Moreover, with the redirection, our honeypot could get more attack data to be analyzed.

Original languageEnglish
Title of host publicationISTMET 2014 - 1st International Symposium on Technology Management and Emerging Technologies, Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages163-166
Number of pages4
ISBN (Electronic)9781479937042
DOIs
Publication statusPublished - 24 Oct 2014
Event1st International Symposium on Technology Management and Emerging Technologies, ISTMET 2014 - Bandung, Indonesia
Duration: 27 May 201429 May 2014

Publication series

NameISTMET 2014 - 1st International Symposium on Technology Management and Emerging Technologies, Proceedings

Conference

Conference1st International Symposium on Technology Management and Emerging Technologies, ISTMET 2014
Country/TerritoryIndonesia
CityBandung
Period27/05/1429/05/14

Keywords

  • Cluster
  • Honeypot
  • SQL Injection

Fingerprint

Dive into the research topics of 'SQL injection detection and prevention system with raspberry Pi honeypot cluster for trapping attacker'. Together they form a unique fingerprint.

Cite this