SQL loophole detecting method based on artificial neuron network

A neural network and vulnerability detection technology, applied in the field of computer software, can solve problems such as poor time response, long time, and poor classification performance, so as to reduce detection time, reduce false alarm rate, and facilitate debugging and the modified effect

Active Publication Date: 2017-01-04
BEIJING UNIV OF TECH
View PDF6 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the time complexity of the Bayesian network is relatively low and it is relatively easy to implement, its classification performance is not very good, so the false po

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL loophole detecting method based on artificial neuron network
  • SQL loophole detecting method based on artificial neuron network
  • SQL loophole detecting method based on artificial neuron network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The system is composed of two parts: SQL statement analysis module and artificial neural network module. System architecture such as figure 1 shown.

[0032] SQL statement analysis module

[0033] The main function of the SQL statement analysis module is to convert the SQL statement submitted by the Web application into a feature vector group r, where r is a feature vector composed of 0 and 1. By classifying SQL injection attack statements, this module designs r to consist of 12 r i Composition, i represents the number. if r i =1, it means that the SQL statement contains keywords; if r i =0, it means that the SQL statement does not contain a certain keyword. If C represents whether a statement is a SQL injection statement, and defines: if the statement is a SQL injection statement, the value of C is 1, and if the statement is not an SQL injection attack statement, the value of C is 0. In this way, each SQL query statement can be represented by feature vectors r a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an SQL loophole detecting method based on artificial neuron network. The method consists of an SQL statement analysis module and an artificial neuron network detection module. The main function of the SQL statement analysis module is to convert the SQL statement submitted by the Web application into a feature vector group r composed of 0 and 1, and then submit the resulting feature vector to the artificial neuron network detection module for analysis and detection, and fully apply the self-learning function of the neuron network to realize the detection of SQL statement through the artificial neuron network algorithm obtained by training and regex match. Compared with the traditional method, the SQL loophole detecting method is more convenient, accurate and fast, and does not need to modify the code itself. In addition, the system is developed by Javan language only, which is easy to maintain and can be used for secondary development. The system can well realize function expansion and cross-platform migration and has great application value for SQL injection loophole detection and research.

Description

technical field [0001] The invention relates to a method for detecting SQL loopholes based on an artificial neural network, belonging to the field of computer software. Background technique [0002] In recent years, with the widespread use of Web applications, Web security issues have become increasingly prominent. SQL injection (SQLInjection) vulnerability has become one of the common security risks in web applications. It means that attackers use the dynamic characteristics of user input and information upload in web application systems to upload some malicious data or codes to web application systems. And make these malicious data or codes execute on the server side or client side of the Web application system, thereby causing the target system of the Web application to crash, and the data to be tampered with and leaked. Most of the current web applications adopt the interactive structure of application program and database access, that is, the user submits input, the ap...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06F21/57G06N3/02
CPCG06F21/563G06F21/577G06N3/02
Inventor 王丹张志超赵文兵付利华杜金莲苏航
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap