Search for: All records

In recent years, web-based platforms and business applications have been rising in popularity deeming themselves indispensable as they constitute the main backbone of business processes and in- formation sharing. However, the unprecedented increased number of cyber-attacks have been threatening their day-to-day opera- tions. In particular, the Standard Query Language Injection Attack (SQLIA) remains one of the most prevalent cyber attacks targeting web-based applications. As a consequence, the SQLIA detection techniques need to be constantly revamped and stay up-to-date in order to achieve the full potential of mitigating such threats. In this paper, we propose an artificial intelligence model based on super- vised machine learning techniques to detect SQLIA. As part of the proposed model, we introduce an input string validation technique as a primary anomaly identifier using pattern matching for SQL Query data with anomalies-injections. To evaluate our approach we injected one type of SQLIA that is tautology attacks and measured the performance of our model. We used three main classifiers in our model and our findings indicate a model prediction accuracy of 98.3605% for Support Vector Machine (SVM), 96.296% for K-Nearest Neighbors (KNN), and 97.530% for Random Forest. The approach proposed in this paper has the potential of being used to integrate an automated SQL Injection detection mechanism with Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS). 

Remote Keyless Entry (RKE) is a revolutionary technology that allows drivers to gain access to their vehicles using a wireless key fob operating on short-range radio waves. This technology offers numerous advantages for drivers, but it is still vulnerable to serious security threats which target the interactions between the fob and car, which may eventually result in car theft. In this paper, we propose a blockchain-based approach to thwart replay attacks targeting cars equipped with RKE systems. We consider the key fob and the car as two separate users of a private blockchain in which a miner authenticates the key fob with the corresponding car to grant or deny access using a smart contract. We validate our findings by a performance evaluation of the time taken by the miner to validate the access to the vehicle.