Project name

INTRUSION DETECTION SYSTEMBYGaurav Kumar(1109110035)Prashant Kumar(1109110065)Prashant Rajput(1109110066)Rajat Kumar Agrawal(1109110072)

PROJECT MENTORMR. PRADEEP KUMARASSISTANT PROFESSOR

JSS MAHAVIDYAPEETHAJSS ACADEMY OF TECHNICAL EDUCATION, NOIDADEPARTMENT OF COMPUTER SCIENCE ENGINEERING2014-2015ContentsIntroduction .3SQL Injection .4Motivation 6Objective ...7Scope .. 8Software and hardware Requirements ..........9Literature survey... 10System Design ... 13Implementation and Result . 16Conclusion.. 24References ..............25

IntroductionIntrusionAny unauthorized access, not permitted attempt to access/ damage or malicious use of information resourcesIntrusion detectionDetection of break-ins and break-in attempts via automated software systemsIntrusion detection systemDefense systems, which detect and possibly prevent intrusion activities3SQL InjectionSQL Injection is a technique which allows a user specified query to execute in the database

Due to it, unintended query runs in the database

Most of the times it also alters the original querySQL Injection StepsSearching for a vulnerable pointFingerprinting the backend DBEnumerating or retrieving data of interest table dumps, usernames/passwords etc.Eventual exploiting the system once the information is handyOS take over, data change, web server take over etc.

One of the topmost threat for web application securityEasy to detect and exploitSQLIA have become more common, more sophisticatedLack of common and complete methodologyMotivation6ObjectiveCreate a reliable and accurate intrusion detection technique

Secure systems from being exploited by SQL injection attacks

Trace intruder and record his details7ScopeHost-Based Intrusion Detection SystemDynamic inspection of network packets targeted at a specific hostOperating system log analysisNetwork-Based Intrusion Detection SystemDirect analysis of network trafficProtocol-Based Intrusion Detection SystemDetecting anomalous behavior using protocols.8Software RequirementsOperating System: Windows XP (x86) with Service Pack 3 all editions except starter editionSupported Architecture: 32-Bit (x86) and 64-Bit (x64)Microsoft Visual Studio 2012 (and above)Microsoft SQL Server 2008 R2

Hardware RequirementsProcessor: 1.6 GHzHard Disk: 5.5 GB of free spaceRAM: 4 GBLiterature SurveySQLSQL is the high-level language used in numerous relational database management systems. Developed by F.Codd at IBM in early 1970. It allows a human being to use SQL to ask for what information he wants without outlining how the information is to be retrived.

SQL Injection AttacksAND/OR attackSELECT ALL attackDELETE attackDROP attack

Existing SystemsGreenSQL

DotDefender

CodeScan LabsSystem DesignSQLRand Architecture

Dynamic Query Matching Architecture

Architecture Diagram

Flow Chart

ImplementationAnd ResultURL RulesNo parentheses or angular brackets in the URLs While saving or generating remove from the URLsIf you really need to have parentheses or angular brackets in the URL, then encode themURL should not end with two or more dashes --While saving or generating remove these from the URLsURL should not end with /*While saving or generating remove these from the URLsNo schema, table or column names should be part of your URL

ConclusionInexpensive and effective deterrent against hacker using SQL Injection Attack

Combines both signature based and anomaly based methods

Customizable and flexible for future purposeReferencesAvizienis .A, The N-Version Approach to Fault- tolerant Software, IEEE Trans. Software Eng., vol. SE-11, no. 12, pp. 1491-1501,Dec 2010Aulakh, T. Intrusion Detection and Prevention System: CGI Attacks, 2009. San Jose State University masters thesis project.Ryan Riley, Xuxian Jiang, and Dongyan Xu AN ARCHITECTURAL APPROACH TO PREVENTING CODE INJECTION ATTACKS, IEEE 2007 S Anderson ,A Framework for Detecting Network-based Code Injection IEEE 2005

27THANK YOU