3,546 research outputs found
SQL Injection Detection Using Machine Learning Techniques and Multiple Data Sources
SQL Injection continues to be one of the most damaging security exploits in terms of personal information exposure as well as monetary loss. Injection attacks are the number one vulnerability in the most recent OWASP Top 10 report, and the number of these attacks continues to increase. Traditional defense strategies often involve static, signature-based IDS (Intrusion Detection System) rules which are mostly effective only against previously observed attacks but not unknown, or zero-day, attacks. Much current research involves the use of machine learning techniques, which are able to detect unknown attacks, but depending on the algorithm can be costly in terms of performance. In addition, most current intrusion detection strategies involve collection of traffic coming into the web application either from a network device or from the web application host, while other strategies collect data from the database server logs. In this project, we are collecting traffic from two points: the web application host, and a Datiphy appliance node located between the webapp host and the associated MySQL database server. In our analysis of these two datasets, and another dataset that is correlated between the two, we have been able to demonstrate that the accuracy obtained with the correlated dataset using algorithms such as rule-based and decision tree is nearly the same as that obtained with a neural network algorithm, but with greatly improved performance.
Km4City Ontology Building vs Data Harvesting and Cleaning for Smart-city Services
Presently, a very large number of public and private data sets are available
from local governments. In most cases, they are not semantically interoperable
and a huge human effort would be needed to create integrated ontologies and
knowledge base for smart city. Smart City ontology is not yet standardized, and
a lot of research work is needed to identify models that can easily support the
data reconciliation, the management of the complexity, to allow the data
reasoning. In this paper, a system for data ingestion and reconciliation of
smart cities related aspects as road graph, services available on the roads,
traffic sensors etc., is proposed. The system allows managing a big data volume
of data coming from a variety of sources considering both static and dynamic
data. These data are mapped to a smart-city ontology, called KM4City (Knowledge
Model for City), and stored into an RDF-Store where they are available for
applications via SPARQL queries to provide new services to the users via
specific applications of public administration and enterprises. The paper
presents the process adopted to produce the ontology and the big data
architecture for the knowledge base feeding on the basis of open and private
data, and the mechanisms adopted for the data verification, reconciliation and
validation. Some examples about the possible usage of the coherent big data
knowledge base produced are also offered and are accessible from the RDF-Store
and related services. The article also presented the work performed about
reconciliation algorithms and their comparative assessment and selection.
Object-oriented querying of existing relational databases
In this paper, we present algorithms which allow an object-oriented
querying of existing relational databases. Our goal is to provide an improved query
interface for relational systems with better query facilities than SQL. This
seems to be very important since, in real world applications, relational systems
are most commonly used and their dominance will remain in the near future. To
overcome the drawbacks of relational systems, especially the poor query facilities
of SQL, we propose a schema transformation and a query translation algorithm.
The schema transformation algorithm uses additional semantic information to enhance
the relational schema and transform it into a corresponding object-oriented
schema. If the additional semantic information can be deduced from an underlying
entity-relationship design schema, the schema transformation may be done
fully automatically. To query the created object-oriented schema, we use the
Structured Object Query Language (SOQL) which provides declarative query facilities
on objects. SOQL queries using the created object-oriented schema are
much shorter, easier to write and understand and more intuitive than corresponding
SQL queries, leading to an enhanced usability and an improved querying of
the database. The query translation algorithm automatically translates SOQL queries
into equivalent SQL queries for the original relational schema.
A unified view of data-intensive flows in business intelligence systems : a survey
Data-intensive flows are central processes in today’s business intelligence (BI) systems, deploying different technologies to deliver data, from a multitude of data sources, in user-preferred and analysis-ready formats. To meet complex requirements of next generation BI systems, we often need an effective combination of the traditionally batched extract-transform-load (ETL) processes that populate a data warehouse (DW) from integrated data sources, and more real-time and operational data flows that integrate source data at runtime. Both academia and industry thus must have a clear understanding of the foundations of data-intensive flows and the challenges of moving towards next generation BI environments. In this paper we present a survey of today’s research on data-intensive flows and the related fundamental fields of database theory. The study is based on a proposed set of dimensions describing the important challenges of data-intensive flows in the next generation BI setting. As a result of this survey, we envision an architecture of a system for managing the lifecycle of data-intensive flows. The results further provide a comprehensive understanding of data-intensive flows, recognizing challenges that still are to be addressed, and how the current solutions can be applied for addressing these challenges. Peer Reviewed. Postprint (author's final draft)