Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Attack prevention system based on structured query language (SQL)

A technology for attacking defense system and structured query, applied in the field of information security, can solve the problem of low false positive rate of detection model, and achieve the effect of improving accuracy

Active Publication Date: 2009-06-03
CHINA ELECTRIC POWER RES INST +2
View PDF0 Cites 43 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The false positive rate of the misuse detection model is low, but how to identify normal structured query language SQL statements with certain special characters or individual attack characteristics, and how to identify and block malicious structured query language SQL operations of legitimate users are current needs problem solved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack prevention system based on structured query language (SQL)
  • Attack prevention system based on structured query language (SQL)
  • Attack prevention system based on structured query language (SQL)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0076] The following is a typical implementation case of the SQL attack defense system deployed in an information security network isolation device (a border defense device).

[0077] The information security network isolation device is a special device that adapts to the needs of partitioning the network according to the security level and protects the database. Its core technology adopts the SQL attack defense system. The information security network isolation device isolates the trusted information internal network from the untrustworthy information external network, and must ensure that the SQL communication between the information internal network and the information external network is tested through the information security network isolation device. This device can filter the network connection accessing the Oracle server, only allow specific application servers to access specific database servers through specific programs, and control the content and behavior of client ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a modified misuse-type structured query language (hereinafter referred as to SQL) attack defense system which is based on application system services and an SQL-injected characteristic extraction malicious attack behavior characteristic library and combined with the SQL request of the characteristic library to a user to carry out strict test and block the SQL request with the attack characteristics according to test results, so as to provide the security protection for the database and the corresponding audit record. The invention can be flexibly allocated to boundary defense devices, application servers, database servers and various security audit software, and the SQL attack behavior characteristic library can be updated at any time when the application environment is changed and a new attack type or normal behavior pattern appears.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a novel defense system for attack detection, blocking and auditing based on structured query language SQL. Background technique [0002] The current technical means of defending against structured query language SQL (structured query language) attacks are divided into passive defense and active defense. Shielding error messages, deleting unnecessary extended stored procedures in the database, minimizing Web server directory permissions, etc. Passive defense against structured query language SQL attacks. The disadvantage is that there is no detection mechanism for structured query language SQL attacks. Controlling the impact range of language SQL attacks is an after-the-fact defense mechanism. The method of actively defending against structured query language SQL attacks implements the detection of structured query language SQL requests through the attack signature d...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24G06F17/30
Inventor 高昆仑刘书勇宋小芹李凌邓立武张波
Owner CHINA ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products