SQL injection attack detection system supporting multiple database types

A technology of injection attack and detection system, applied in digital transmission system, transmission system, data exchange network, etc., can solve the problem of reducing the false negative rate and false negative report of SQL injection attack detection system, so as to overcome the difficulty of extraction and easy to be deceived. , The effect of reducing false positive rate and false negative rate

Inactive Publication Date: 2009-03-18
BEIJING VENUS INFORMATION TECH
View PDF0 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to overcome the existing SQL injection attack detection method based on the standard SQL99 syntax specification in the actual application process due to the differences in the SQL syntax of various types of relational databases. To solve the problem of underreporting, a SQL injection atta...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL injection attack detection system supporting multiple database types
  • SQL injection attack detection system supporting multiple database types
  • SQL injection attack detection system supporting multiple database types

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] The SQL injection attack detection system supporting multiple database types according to the present invention will be further described below in conjunction with the drawings and embodiments.

[0027] The architecture of the SQL injection attack detection system of the present invention is as attached image 3 As shown, it includes the following modules:

[0028] Data acquisition module: used to capture a large number of network data packets generated during the communication between the Web client and the Web application server; the network data packets can be captured in a bypass mode or a routing mode. In the bypass working mode, all network data packets in the monitored network can be captured through the mirror port of the hub, switch or router, and then the packets are filtered according to the HTTP service port (such as port 80) to obtain the network that needs further preprocessing data pack.

[0029] Data pre-processing module: receive the network packets r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an SQL injection attack detecting system which supports multiple types of databases, which comprises a data acquisition module, a data preprocessing module, SQL injection attack detecting modules, an SQL injection alarming module and a classification transferring module. The system may comprise a plurality of the SQL injection attack detecting modules, and each of the SQL injection attack detecting modules respectively creates SQL injection attack detecting grammar rules based on the expanded SQL grammar of the data base types which are related with the SQL injection attack detecting modules, each of the SQL injection attack detecting modules is bound with the destination address of a certain Web application server, thereby the SQL injection attack detection of all to-be detected objects which have the same determination address is realized. The system fully considers the differences of the SQL grammar of various types of the databases, classifies the to-be detected objects according to the destination address of the Web application server, and detects the objects by the SQL injection attack detecting module which supports the SQL grammar expansion of the specific types of the databases, and greatly reduces the under-reporting problems in the SQL injection attack detecting modules.

Description

technical field [0001] The invention relates to the technical field of network security detection, in particular to an SQL injection attack detection system that supports multiple database types and can be used for intrusion detection and defense products. Background technique [0002] SQL (Structure Query Language, Structured Query Language) injection attack means that the attacker uses the SQL injection vulnerability in the existing application program to inject malicious SQL commands into the background database engine for execution, so as to steal data or even control the database server security incidents. The root cause of the SQL injection vulnerability is that the application uses user input data to construct dynamic SQL statements, and does not perform security checks and filters on user input data. SQL injection vulnerabilities are common in web applications that use the HTTP protocol (Hypertext Transfer Protocol, Hypertext Transfer Protocol) to implement communic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/00H04L12/56H04L12/26
Inventor 叶润国周涛李博骆拥政汪洋王鸿鹏
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap