PROGESI

Syntactic and semantic data analysis techniques

The research, carried out by colleagues Antonio Coscia and Antonio Maci of the Cyber Lab in Grottaglie, in collaboration with the University of Bari – Department of Computer Science, was created as part of the activities under the Program Contract “Cybersecurity and SOC Product Suite,” and presents an innovative algorithm for the prevention of SQL injection attacks (SQLi) through the use of context-free grammars for the analysis and generalization of possible attack strings. PROGESI can automatically generate blocking rules at the level of a proxy server, to be inserted upstream of the systems to be protected, with higher levels of efficiency and effectiveness than alternative solutions based on the use of different techniques.

The proposed algorithm has already been integrated into Cybersuite BV TECH’s Next Generation Firewall prototype, but it can be used in any other context that already involves other types of WAF.

The research activity that led to the definition and testing of the algorithm was carried out from the specialized skills and expertise of the BV TECH Cyber Lab in the use of syntactic and semantic analysis techniques of data management languages, applied in the specific context of cybersecurity.