A method and device for detecting sql injection vulnerabilities

A vulnerability and vector technology, applied in the field of detecting SQL injection vulnerabilities, can solve problems such as increased resource consumption, false negatives, and inability to obtain a large amount of data network conditions, and achieve the effect of reducing operating load

Active Publication Date: 2019-03-26
NSFOCUS INFORMATION TECHNOLOGY CO LTD +2
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 1) In the limited detection time, it is impossible to obtain a large amount of data to evaluate the current network situation;
[0007] 2) Without considering the time consumption, obtaining a large amount of data requires sending a large number of requests, which will put a lot of pressure on the target server site in the case of multiple concurrent scans, and consume more resources at the same time;
[0008] 3) Due to the instability of the network during the scanning process, it is impossible to design a reasonable and effective response time interval prediction algorithm;
[0009] 4) In order to ensure the accuracy of the scanning results, the delay function is used multiple times for judgment, and the single delay time is long, resulting in a long time-consuming overall scan;
[0010] 5) For the case where the database executes an integer multiple of the time described in the attack vector when executing an attack vector containing delay functions such as sleep() and delay(), the traditional judgment method based on the time interval will cause false positives;
[0011] 6) When using time-based SQL injection vulnerability detection using attack vectors that repeatedly execute characteristic expressions such as bannermark(), the time for executing a characteristic expression in different target environments is not fixed. Therefore, the traditional time interval-based Judgment method is prone to false positives
[0012] It can be seen that the existing time-based SQL injection vulnerability detection methods cannot quickly and accurately detect time-based SQL injection vulnerabilities
Moreover, false positives and false positives often occur when using existing detection methods, which seriously affects the overall detection performance of the web application vulnerability scanning system.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for detecting sql injection vulnerabilities
  • A method and device for detecting sql injection vulnerabilities
  • A method and device for detecting sql injection vulnerabilities

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] In order to solve the above problems, the present invention can automatically, quickly and accurately detect time-based SQL injection through a program, and proposes an environment-adaptive SQL time injection detection method. The method is as follows: send two SQL attack vectors carrying delay indications successively, and then record the corresponding response times respectively, and then calculate the difference between the delay matrix composed of two SQL attack vectors and the response matrix composed of two response times. After the similarity is determined to reach the threshold, it is determined that there is a time-type SQL injection vulnerability.

[0053] Preferred embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0054] In the embodiment of the present invention, in order to adapt to different network conditions and different target environments, an environment-adaptive SQL time injection ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method of detecting a SQL (Structured Query Language) injection vulnerability and a device for improving vulnerability detection accuracy and reducing operation load of a web application vulnerability scanning system in the case of detection. According to the method, whether a vulnerability exists or not is judged according to a similarity calculated by actual response time and expected delay time in an attach vector. Network influences on response time in near times are basically the same, when the similarity between the expected delay time and the actual response time is calculated, a similar variation range does not decisively influence the similarity calculation result, and accuracy of vulnerability existence judgment is not influenced. Thus, in different network conditions and different target environments, a time-based SQL injection vulnerability can be ensured to be quickly and accurately detected by a program, and thus, the operation load caused by SQL injection vulnerability judgment to the web application vulnerability scanning system can be effectively reduced.

Description

technical field [0001] The invention relates to network security technology, in particular to a method and device for detecting SQL injection loopholes. Background technique [0002] Structured Query Language (SQL) injection is a common vulnerability in web application security. In a web application with SQL injection, an attacker can take advantage of the code flaws of the web application to insert SQL commands into any application parameter values ​​that can affect database queries, tricking the server into executing the inserted malicious SQL commands, thereby obtaining the Sensitive information of a web application even controls the entire server of the web application. Therefore, it is necessary to design an effective SQL injection detection method to detect SQL injection vulnerabilities to prevent SQL injection attacks. [0003] In practical applications, the SQL injection detection method is also a SQL injection attack method, that is, the target server is attacked ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1408H04L63/1433H04L67/02
Inventor 田杰李菲邓永凯
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products