Title

Protego: A Python Package for SQL Injection Detection

Document Type

Oral Presentation

Event Website

https://source2022.sched.com/

Start Date

18-5-2022

End Date

18-5-2022

Keywords

Cybersecurity, Malware, Machine Learning

Abstract

Malicious software, or malware, has quickly become a top threat among companies and government agencies. It has the potential to expose sensitive information, halt business operations, and even cause a catastrophic loss of life. Malware can be deployed in many ways including hardware injection (USB), software injection, and misconfiguration. Software injection continues to be a popular attack vector and consistently ranks within the top three web application security risks published by OWASP. One of the simplest types of software injection is called SQL injection. This attack takes advantage of the fact that most applications interact with a database. Engineers can reduce the risk of successful attacks by following secure development practices, but cannot eliminate them. Prōtegō is an easy-to-use Python package that can be leveraged to identify and deter SQL injection attacks. It uses the most current machine learning algorithms to identify attacks with high accuracy.

Faculty Mentor(s)

Razvan Andonie

Department/Program

Computer Science; Information Security

Additional Mentoring Department

Computer Science

Additional Mentoring Department

Graduate Studies

Streaming Media

Share

COinS
 
May 18th, 12:00 AM May 18th, 12:00 AM

Protego: A Python Package for SQL Injection Detection

Malicious software, or malware, has quickly become a top threat among companies and government agencies. It has the potential to expose sensitive information, halt business operations, and even cause a catastrophic loss of life. Malware can be deployed in many ways including hardware injection (USB), software injection, and misconfiguration. Software injection continues to be a popular attack vector and consistently ranks within the top three web application security risks published by OWASP. One of the simplest types of software injection is called SQL injection. This attack takes advantage of the fact that most applications interact with a database. Engineers can reduce the risk of successful attacks by following secure development practices, but cannot eliminate them. Prōtegō is an easy-to-use Python package that can be leveraged to identify and deter SQL injection attacks. It uses the most current machine learning algorithms to identify attacks with high accuracy.

https://digitalcommons.cwu.edu/source/2022/COTS/88