Abstract
A model of a structured query language injection attack was designed using the Petri nets with players, strategies, and costs formalism. The formalism models the attacker and defender as competing players that can observe a specific subset of the net and act by changing the transition firing rates that the respective player can control. This model of the attack was based on the Common Attack Pattern and Enumeration Classification database and was validated by a panel of subject matter experts to be representative of a structured query language injection attack. The model was simulated with a reinforcement learning algorithm using an \(\upvarepsilon \)-greedy selection method. The algorithm learned within each iteration an optimal solution by varying player-controlled transitions rates. This paper describes the validation of the model, the design of the algorithm, and the results from 4 different \(\upvarepsilon \)-values.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
