System for real-time intrusion detection of SQL injection WEB attacks

An intrusion detection system and injection attack technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as high false alarm rate, special character filtering of input parameters, etc.

Active Publication Date: 2009-02-18
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF0 Cites 36 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The second case is that the SQL is simply composed of input parameters used by the web application system, and necessary operations such as "length check, special character filtering" and other necessary operations are not performed on the input parameters.
The

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System for real-time intrusion detection of SQL injection WEB attacks
  • System for real-time intrusion detection of SQL injection WEB attacks
  • System for real-time intrusion detection of SQL injection WEB attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0113] Embodiment 1: Referring to the chart, the real-time abnormal SQL injection detection system consistent with the present invention is represented by the number 10 in FIG. 1. The development goal of the system 10 is to detect abnormal SQL injection, and through such as Picture 10 The illustrated association between the database layer 520 and the web application layer 510 achieves high accuracy and low false alarms. The database layer 520 corresponds to figure 2 The background database 220 in the. The web application layer 510 corresponds to figure 2 Web server 210 or other computer equipment running WEB applications.

[0114] figure 2 It is a schematic diagram of the system 10 in FIG. 1 being applied to a website 200 for real-time abnormal SQL injection attack detection. The website 200 includes a WEB server 210 that provides WEB applications for end users 205. The end users 205 can be personal computers, laptops, notebook personal computers, notebooks, or other computer ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to a real time intrusion detection system for detecting SQL injection Web aggression, including a method for providing learning normal database and Web application standard query statement (SQL) query data for a Website; a method for capturing real time database and Web application SQL query data for a Website; a method for detecting typical SQL injection aggression based on the normal database and Web application standard query statement (SQL) query data, as well as the real time database and Web application SQL query data. The beneficial effects of the present invention are that the invention can not only detect common SQL injection aggression, also has low alarm by mistake and high detection rate and the like.

Description

Technical field [0001] The invention relates to the field of WEB application intrusion detection, in particular to a real-time intrusion detection system for SQL injection WEB attack. Background technique [0002] Anomalous network intrusion detection is different from traditional intrusion inspection. It detects new data by comparing the current data with the previously obtained "security model" to see if the difference between the two exceeds the error range. One of the advantages of abnormal intrusion detection is that it does not require a large database of characteristics. [0003] The Intrusion Detection System (IDS) based on signature detection is currently the most widely used system in the world because it can detect known attacks very quickly and accurately. However, IDS based on feature detection is very weak in detecting unknown attacks, because once the attacker deforms the attack behavior slightly, the features are difficult to match. Therefore, the attacker can eas...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24
CPCH04L63/168H04L63/1425
Inventor 范渊杨永清卢天华
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap