Protego: A Python Package for SQL Injection Detection
Document Type
Oral Presentation
Event Website
https://source2022.sched.com/
Start Date
18-5-2022
End Date
18-5-2022
Keywords
Cybersecurity, Malware, Machine Learning
Abstract
Malicious software, or malware, has quickly become a top threat among companies and government agencies. It has the potential to expose sensitive information, halt business operations, and even cause a catastrophic loss of life. Malware can be deployed in many ways, including hardware injection (USB), software injection, and misconfiguration. Software injection continues to be a popular attack vector and consistently ranks within the top three web application security risks published by OWASP. One of the simplest types of software injection is called SQL injection. This attack takes advantage of the fact that most applications interact with a database. Engineers can reduce the risk of successful attacks by following secure development practices, but cannot eliminate them. Prōtegō is an easy-to-use Python package that can be leveraged to identify and deter SQL injection attacks. It uses the most current machine learning algorithms to identify attacks with high accuracy.
Recommended Citation
Reeves, Bradley, "Protego: A Python Package for SQL Injection Detection" (2022). Symposium Of University Research and Creative Expression (SOURCE). 88.
https://digitalcommons.cwu.edu/source/2022/COTS/88
Department/Program
Computer Science; Information Security
Additional Mentoring Department
Computer Science
Additional Mentoring Department
Graduate Studies
Faculty Mentor(s)
Razvan Andonie