Scalable Detection of SQL Injection in Cyber Physical Systems

Resumo

Cyber Physical Systems generate a significant volume of heterogeneous data often stored in relational databases. These databases are susceptible to various threats, including SQL Injection (SQLi) attacks. Consequently, there is a need for security solutions that are not only efficient in detection, but also meet the processing time requirements of detection. In this context, this article introduces a solution for SQLi Scalable Threat Detection (S-SQLi) based on Regular Expressions (RegEx). This solution acts as an initial filtering service, protecting against SQLi threats by addressing response time and scalability concerns. The experiments using a real dataset suggest that S-SQLi offers adequate detection efficiency for SQLi threats while addressing the scalability needs of CPSs.