Rocha, AlexandraAlves, RuiPedrosa, Tiago2024-01-052024-01-052023Rocha, Alexandra; Alves, Rui; Pedrosa, Tiago (2023). Query log analysis for SQL injection detection. In Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICISSP). 22-24 February 2023, Lisbon. ISSN 2184-4356. 1, p. 471-476978989758624-82184-4356http://hdl.handle.net/10198/29101Nowadays, more and more services are dependent on the use of resources hosted on the web. The realization of operations such as access to the account bank, credit card operations, among other operations, is something increasingly common in current times, demonstrating not only human dependence on the internet connection, as well as the need to adapt the web resources to the daily life of society. As a result of this growing dependency, web resources now provide a greater amount of confidential information, making the risk of a cyberattack and information leaking grow considerably. In the web context, one of the most well-known attacks is SQL injection that allows the attacker to exploit, through the injection of malicious queries, access to confidential information. This paper suggests a solution for the detection of SQL injection via web resources, using the analysis of the logs of the executed queries.engSQL InjectionIDSMySQLAttacksDetectionconference object10.5220/0011667200003405