Automatic Detection of Injection Attacks by Machine Learning in NoSQL Databases
Recolector de datos
Tipo de Material
Título de serie/ reporte/ volumen/ colección
Es Parte de
NoSQL databases were created for the purpose of manipulating large amounts of data in real time. However, at the beginning, security was not important for their developers. The popularity of SQL generated the false belief that NoSQL databases were immune to injection attacks. As a consequence, NoSQL databases were not protected and are vulnerable to injection attacks. In addition, databases with NoSQL queries are not available for experimentation. Therefore, this paper presents a new method for the construction of a NoSQL query database, based on JSON structure. Six classification algorithms were evaluated to identify the injection attacks: SVM, Decision Tree, Random Forest, K-NN, Neural Network and Multilayer Perceptron, obtaining an accuracy with the last two algorithms of 97.6%.