본문 바로가기
  • Home

Detection of Internal IIIegal Query Using Packet Analysis

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2005, 10(3), pp.259-266
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

장경옥 1 Changsuk Oh 1 Koo Min Jeong 1

1충북대학교

Candidate

ABSTRACT

The purpose of this study is for designing a illegal query detection system using Winpcap library for unauthorized access by internal person. The illegal query detection can be possible detecting the data in out of access control or searching illegal data by plagiarizing other user ID. The system used in this paper collects packets and analyzes the data related to SQL phrase among them, and selects the user's basic information by comparing the dispatch of MAC address and user's hardware information constructed previously. If the extracted information and user's one are different, it is considered as an illegal query. It is expected that the results of this study can be applied to reducing the snaking off unprotected data, and also contributed to leaving the audit records using user's access log which can be applied to the pattern analysis.

Citation status

* References for papers published after 2022 are currently being built.