eISSN: 3087-4297 editor@aimjournals.com
All Journals
Submit your article

International Journal of Cyber Threat Intelligence and Secure Networking

Open Access Peer Review International
Open Access

Detection of Malicious Query Attack Weaknesses within Online Software Systems Using Byte-Level Pattern Matching

DOI
PDF
Dr. Ahmed Saeed Al-Mansoori 1 ,
4 Department of Computer Engineering College of Engineering United Arab Emirates University Al Ain, United Arab Emirates

Abstract

Web-based software systems constitute the backbone of modern digital services, supporting financial transactions, healthcare systems, industrial control networks, and cloud-based infrastructures. However, the rapid expansion of online applications has significantly increased exposure to cybersecurity threats, particularly malicious query injection attacks targeting database-driven applications. These attacks exploit vulnerabilities in application-layer query processing mechanisms, allowing attackers to manipulate backend databases and retrieve or modify sensitive information. Traditional detection mechanisms such as rule-based filtering and signature-based intrusion detection systems often struggle to identify previously unseen attack patterns or obfuscated query manipulations. Consequently, there is a growing need for robust detection techniques capable of identifying structural vulnerabilities at deeper software layers.

This study proposes a novel approach for detecting malicious query attack weaknesses in online software systems through byte-level pattern matching techniques. Unlike conventional string-based detection methods, the proposed model examines compiled or intermediate representations of application components to identify structural similarities between known vulnerable patterns and target software binaries. The approach leverages byte-level similarity metrics, vulnerability signature mapping, and automated scanning processes to detect hidden weaknesses that may not be visible through source-level analysis.

The research integrates concepts from vulnerability assessment frameworks, binary similarity analysis, and modern cybersecurity monitoring models to develop an efficient vulnerability detection architecture. A comprehensive analysis of existing research in cybersecurity vulnerabilities, machine learning-based threat detection, and network security situation assessment provides the theoretical foundation for the proposed framework. The study further outlines a modular detection architecture composed of preprocessing, binary feature extraction, pattern similarity evaluation, and vulnerability classification components.

Experimental simulations demonstrate that byte-level similarity analysis can significantly improve the identification of malicious query attack patterns embedded within compiled application components. The results highlight improvements in detection accuracy, vulnerability coverage, and resilience against code obfuscation techniques compared to traditional source-code analysis approaches.

The findings contribute to the advancement of proactive vulnerability detection mechanisms for secure web application development. By integrating binary-level analysis with pattern matching techniques, the proposed model offers an effective method for strengthening software security infrastructures, reducing exploitation risks, and enhancing defensive strategies against evolving database-oriented cyber threats.

Keywords

Malicious query attacks, SQL injection vulnerabilities, binary code similarity, cybersecurity vulnerability detection

References

📄 Alfadel, M., Costa, D. E., and Shihab, E. ( 2023 ). Empirical analysis of security vulnerabilities in python packages. Empirical Software Engineering, 28 ( 3 ), 59–70.
📄 Duraibi, S. and Mujawib Alashjaee, A. ( 2024 ). Enhancing Cyberattack Detection Using Dimensionality Reduction With Hybrid Deep Learning on Internet of Things Environment. IEEE Access, vol. 12, pp. 84752–84762.
📄 Harbi, Y., Aliouat, Z., Refoufi, A., and Harous, S. ( 2021 ). Recent security trends in internet of things: A comprehensive survey. IEEE Access, 9 ( 1 ), 113292–113314.
📄 Humayun, Mamoona, Mahmood Niazi, N. Z. Jhanjhi, Mohammad Alshayeb, and Sajjad Mahmood. Cyber security threats and vulnerabilities: a systematic map study. Arabian Journal for Science and Engineering 45 ( 2020 ): 3171–3189.
📄 Jiang, X., Lora, M., and Chattopadhyay, S. ( 2020 ). An experimental analysis of security vulnerabilities in industrial IoT devices. ACM Transactions on Internet Technology (TOIT), 20 ( 2 ), 1–24.
📄 Jimmy, F. N. U. ( 2024 ). Cyber security Vulnerabilities and Remediation Through Cloud Security Tools. Journal of Artificial Intelligence General science (JAIGS) ISSN: 3006-4023, 2 ( 1 ), 129–171.
📄 Khan, M., and Ghafoor, L. ( 2024 ). Adversarial Machine Learning in the Context of Network Security: Challenges and Solutions. Journal of Computational Intelligence and Robotics, 4 ( 1 ), 51–63.
📄 Kim, D. W., Choi, J. Y., and Han, K. H. ( 2020 ). Risk management-based security evaluation model for telemedicine systems. BMC medical informatics and decision making, 20 ( 1 ), 1–14.
📄 Luan, M., B. Wang, Y. Zhao, and F. Hu. ( 2021 ). Anomalous Subgraph Detection in Given Expected Degree Networks With Deep Learning. IEEE Access, vol. 9, pp. 60052–60062.
📄 Mishra, N., and Pandya, S. ( 2021 ). Internet of things applications, security challenges, attacks, intrusion detection, and future visions: A systematic review. IEEE Access, 9 ( 1 ), 59353–59377.
📄 Mrabet, H., Belguith, S., Alhomoud, A., and Jemai, A. ( 2020 ). A survey of IoT security based on a layered architecture of sensing and data analysis. Sensors, 20 ( 13 ), 3625–3637.
📄 Mughal, A. A. ( 2022 ). Building and Securing the Modern Security Operations Center (SOC). International Journal of Business Intelligence and Big Data Analytics, 5 ( 1 ), 1–15.
📄 Ponta, S. E., Plate, H., and Sabetta, A. ( 2020 ). Detection, assessment and mitigation of vulnerabilities in open source dependencies. Empirical Software Engineering, 25 ( 5 ), 3175–3215.
📄 Ranaweera, P., Jurcut, A., and Liyanage, M. ( 2021 ). MEC-enabled 5G use cases: a survey on security vulnerabilities and countermeasures. ACM Computing Surveys (CSUR), 54 ( 9 ), 1–37.
📄 Rawat, R., Chakrawarti, R. K., Vyas, P., Gonzales, J. L. A., Sikarwar, R., and Bhardwaj, R. ( 2023 ). Intelligent fog computing surveillance system for crime and vulnerability identification and tracing. International Journal of Information Security and Privacy (IJISP), 17 ( 1 ), 1–25.
📄 Somasundaram, R., and Thirugnanam, M. ( 2021 ). Review of security challenges in healthcare internet of things. Wireless Networks, 27 ( 8 ), 5503–5509.
📄 Tabrizchi, H., and Kuchaki Rafsanjani, M ( 2020 ). A survey on security challenges in cloud computing: issues, threats, and solutions. The journal of supercomputing, 76 ( 12 ), 9493–9532.
📄 Tawalbeh, L. A., Muheidat, F., Tawalbeh, M., and Quwaider, M. ( 2020 ). IoT Privacy and security: Challenges and solutions. Applied Sciences, 10 ( 12 ), 4102–4112.
📄 Vyas, B. ( 2023 ). Security Challenges and Solutions in Java Application Development. Eduzone: International Peer Reviewed/Refereed Multidisciplinary Journal, 12 ( 2 ), 268–275.
📄 Yaacoub, J. P. A., Noura, H. N., Salman, O., and Chehab, A. ( 2022 ). Robotics cyber security: Vulnerabilities, attacks, countermeasures, and recommendations. International Journal of Information Security, 21 ( 1 ), 115–158.
📄 Yang, H., R. Zeng, G. Xu, and L. Zhang. ( 2021 ). A network security situation assessment method based on adversarial deep learning. Applied Soft Comnuting, vol. 102, 2021.
📄 Yuan, L. ( 2021 ). Prediction of network security situation awareness based on an improved model combined with neural network. Security and Privacy, vol. 4, no. 6, 2021.
📄 Yu, M., Zhuge, J., Cao, M., Shi, Z., and Jiang, L. ( 2020 ). A survey of security vulnerability analysis, discovery, detection, and mitigation on IoT devices. Future Internet, 12 ( 2 ), 27–36.
📄 Yu, G.-F. ( 2024 ). A multi-objective decision method for the network security situation grade assessment under multi-source information. Information Fusion, vol. 102, 2024.
📄 Zhang, R., Z. Pan, Y. Yin, and Z. Cai. ( 2022 ). A Model of Network Security Situation Assessment Based on BPNN Optimized by SAA-SSA. International Journal of Digital Crime and Forensics, vol. 14, no. 2, 2022.
📄 Zhang, R., M. Liu, Z. Pan, and Y. Yin. ( 2022 ). Network Security Situation Assessment Based on Improved WOA-SVM. IEEE Access, vol. 10, pp. 96273–96283, 2022.
📄 Zhao, D., G. Ji, and S. Zeng. ( 2023 ). Network security situation assessment based on dual attention mechanism and HHO-ResNeXt. Connection Science, vol. 35, no. 1, 2023.
📄 Zhao, D., P. Shen, and S. Zeng. ( 2023 ). ALSNAP: Attention-based long and short-period network security situation prediction. Ad Hoc Networks, vol. 150, 2023.
📄 Zhu, Y., and Z. Du. ( 2021 ). Research on the Key Technologies of Network Security-Oriented Situation Prediction. Scientific Programming, vol. 2021, 2021.
📄 Wu, Y.-X., and D.-M. Zhao. ( 2024 ). Build IPSO-ABiLSTM Model for Network Security Situation Prediction. Journal of Information Science and Engineering, vol. 40, no. 1, pp. 71–88, 2024.

Similar Articles

1-10 of 27

You may also start an advanced similarity search for this article.