Supercharge Your Innovation With Domain-Expert AI Agents!

Intelligent Anti-SQL Injection Method Based on Semantic Analysis

A semantic analysis and intelligent technology, applied in special data processing applications, instruments, electrical digital data processing, etc., can solve hidden dangers and other problems, achieve high security, good implementation effect, and prevent attacks

Active Publication Date: 2018-04-20
TONGCHENG NETWORK TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The advantage of cookies is that cookies will save login information when administrators and registered users log in to the website, and cookies will automatically keep these information in the input text box of the login page when they log in next time. Hackers collect Cookie information to bury hidden dangers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent Anti-SQL Injection Method Based on Semantic Analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] Such as figure 1The shown intelligent anti-SQL injection method based on semantic analysis is different in that the following steps are adopted: firstly, data interception or data extraction is performed on all requests from web pages, and the data appears as character strings. Afterwards, send the extracted data to the Security Center for processing and return the result. If the data is harmful, it will jump to the ShowErr page. If the data is harmless, it will continue to make normal requests.

[0038] Specifically, the data interception adopted is to intercept all requests through Global.asax. And the data extraction is to extract the data in querystring, form, and cookie. In other words, in .net, the querystring form is the object obtained by two kinds of requests. After that, replace the escape characters in it, and check one by one according to the preset judgment rules to determine whether the data is harmful. Moreover, there is no need to process the request ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an intelligent SQL injection resistant method based on semantic analysis. The method is characterized by conducting data intercepting or data extraction on all requests from web pages, sending extracted data to a security center to be processed and returning results, meanwhile, examining the data item by item in order according to preset examination rules, and judging whether the data are harmful. Thereby, a proprietary request can be owned, and the requests of a system can not be blocked. Meanwhile, the safety is higher, the submitted cookie data can also be filtrated, and no exploitable loopholes are left to a hacker. What's more important, SQL injection attacks can be completely eradicated from the source. In addition, access components used for the embodiment of the method are simple to use and convenient to access, and it is convenient for personnel to enter into a scene for processing.

Description

technical field [0001] The invention relates to a method for preventing SQL injection, in particular to an intelligent method for preventing SQL injection based on semantic analysis. Background technique [0002] With the development of B / S mode application development, more and more programmers use this mode to write application programs. However, the entry threshold of this industry is not high, so the level and experience of programmers are also uneven. When writing code, a considerable part of programmers do not judge the legality of user input data, so that the application is safe. Hidden danger. In addition, there are many SQL injection software currently, and SQL injection attacks have become one of the common methods used by hackers to attack databases. [0003] The so-called SQL injection is to insert SQL commands into Web forms to submit or input query strings for domain names or page requests, and finally trick the server into executing malicious SQL commands. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F17/30
CPCG06F16/2445
Inventor 王专吴志祥吴剑张海龙马和平郭凤林沈健郝彦清靳彩娟
Owner TONGCHENG NETWORK TECH
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com