Method and device for detecting structured query language injection attack

A structured query and injection attack technology, applied in the field of network communication, can solve the problems of many false negatives, difficult to find SQL injection vulnerabilities, unable to hit SQL attack features, etc., to achieve the effect of reducing false negatives

Inactive Publication Date: 2009-12-02
NEW H3C TECH CO LTD
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] (2) At present, SQL injection attacks can target different background databases, and each database has different SQL injection tools. To completely block these features, a large number of features need to be extracted, and a slight change in tools may cause the existing features to fail. Hit common SQL attack signatures
This leads to feature extraction always lagging behind the development of the attack. The change of each feature is driven by the change of the at...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting structured query language injection attack
  • Method and device for detecting structured query language injection attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] Therefore, the core idea of ​​the present invention is to detect whether there is an SQL injection attack in the message in the network by using a combination of feature detection and behavior detection.

[0030] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below.

[0031] figure 1 It is a flowchart of an SQL injection attack detection method according to an embodiment of the present invention. This method is implemented in the IPS device. First, a SQL injection attack blacklist is established to record the attacker's IP address and the number of attacks. Then, for the network message received by the IPS device, the following steps are executed: figure 1 The following steps are shown:

[0032] Step 101, detecting whether the received message is a message interacting with the database through the World Wide Web WEB, if yes, execute step 102, otherwise, directly...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for detecting a structured query language SQL injection attack. The method comprises the following steps: firstly detecting a received message based on SQL injection attack characteristics, and then detecting the received message based on SQL injection attack behaviors; counting the attack frequency of a source IP address of each hit message; alarming the IP address of which the attack frequency exceeds a preset value. The technical proposal of the invention greatly reduces the conditions of attack omission.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a structured query language injection attack detection method and device. Background technique [0002] Structured Query Language (SQL, Structured Query Language) is a text language used to interact with relational databases. SQL allows effective management of user data, including several aspects of data query, operation, definition and control, such as writing data to the database, inserting data, and reading data from the database. [0003] Relational databases are widely used in websites, and users generally interact with relational databases through dynamic web pages. Common dynamic web pages are generally accessed through Uniform Resource Locators (URL, Uniform Resource Locator) with parameters such as "http: / / domain-name / page.asp?arg=value". Dynamic web pages can be of types such as asp, php, jsp or perl. There can be one or more parameters in a dynamic web...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/56H04L29/06G06F17/30
Inventor 周欣
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap