Trident: Detecting SQL Injection Attacks via Abstract Syntax Tree-based Neural Network
SQL injection attacks have posed a significant threat to web applications for decades. They obfuscate malicious codes into natural SQL statements so as to steal sensitive data, making them difficult to detect. Generally, malicious signals can be identified by using the contextual information of SQL statements. Such contextual information, however, is not always easily captured. Due to the fact that SQL as a formal language is highly structured, two tokens that are spatially far away may be semantically very close. An effective approach thus should take the structural feature of SQL statements into account when modeling their contextual information. In this paper, we present a novel abstract syntax tree-based neural network approach named Trident for effectively detecting SQL injection attacks. Benefiting from the structural feature delivered by ASTs, Trident realizes superior modeling of contextual information via tree-based positional embedding and well-designed neural networks. Trident is widely evaluated on a public SQL injection dataset and an adversarial sample dataset. The results demonstrate that Trident can significantly outperform the baselines.
Wed 30 OctDisplayed time zone: Pacific Time (US & Canada) change
13:30 - 15:00 | Anomaly and fault detectionResearch Papers / NIER Track at Compagno Chair(s): Xing Hu Zhejiang University | ||
13:30 15mTalk | SLIM: a Scalable and Interpretable Light-weight Fault Localization Algorithm for Imbalanced Data in Microservice Research Papers Rui Ren DAMO Academy, Alibaba Group Hangzhou, China, Jingbang Yang DAMO Academy, Alibaba Group Hangzhou, China, Linxiao Yang DAMO Academy, Alibaba Group Hangzhou, China, Xinyue Gu DAMO Academy, Alibaba Group Hangzhou, China, Liang Sun DAMO Academy, Alibaba Group Hangzhou, China | ||
13:45 15mTalk | ART: A Unified Unsupervised Framework for Incident Management in Microservice Systems Research Papers Yongqian Sun Nankai University, Binpeng Shi Nankai University, Mingyu Mao Nankai University, Minghua Ma Microsoft Research, Sibo Xia Nankai University, Shenglin Zhang Nankai University, Dan Pei Tsinghua University | ||
14:00 15mTalk | Detecting and Explaining Anomalies Caused by Web Tamper Attacks via Building Consistency-based Normality Research Papers Yifan Liao Shanghai Jiao Tong University / National University of Singapore, Ming Xu Shanghai Jiao Tong University / National University of Singapore, Yun Lin Shanghai Jiao Tong University, Xiwen Teoh National University of Singapore, Xiaofei Xie Singapore Management University, Ruitao Feng Singapore Management University, Frank Liauw Government Technology Agency Singapore, Hongyu Zhang Chongqing University, Jin Song Dong National University of Singapore DOI Pre-print | ||
14:15 15mTalk | End-to-End AutoML for Unsupervised Log Anomaly Detection Research Papers Shenglin Zhang Nankai University, Yuhe Ji Nankai University, Jiaqi Luan Nankai University, Xiaohui Nie Computer Network Information Center at Chinese Academy of Sciences, Zi`ang Cheng Nankai University, Minghua Ma Microsoft Research, Yongqian Sun Nankai University, Dan Pei Tsinghua University | ||
14:30 10mTalk | Trident: Detecting SQL Injection Attacks via Abstract Syntax Tree-based Neural Network NIER Track Yuanlin Li Tsinghua University, Zhiwei Xu Tsinghua University, Min Zhou Tsinghua University, Hai Wan Tsinghua University, Xibin Zhao Tsinghua University | ||
14:40 10mTalk | A vision on a methodology for the application of an Intrusion Detection System for satellites NIER Track Sébastien Gios UCLouvain, Charles-Henry Bertrand Van Ouytsel UCLouvain, Mark Diamantino Caribé Telespazio - ESA, Axel Legay Université Catholique de Louvain, Belgium DOI |