SQL injection audit or protection method and device based on database protocol
A database and protocol technology, applied in the field of information security, can solve problems such as high false alarm rate, lack of solutions, high false alarm rate, etc.
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment 1
[0046] A kind of SQL injection audit or protection method based on database protocol provided by the embodiment of the present invention, such as figure 1 shown, including:
[0047] Step S102, obtaining the data packet sent by the database server according to the preset database protocol, wherein the data packet is a data packet responding to the information requested by the client;
[0048] Step S104, analyzing the data packet according to the data format of the preset database protocol to determine the response result of the database server to the request information;
[0049] Step S106, based on the response result, determine the dangerous access interface for accessing the database server caused by the SQL injection, so as to block the access request for accessing the dangerous access interface.
[0050] It should be noted that various database servers have preset database protocols for transmitting network data. The response result of the above-mentioned database server...
Embodiment 2
[0083] A database protocol-based SQL injection audit or protection device provided by an embodiment of the present invention, such as image 3 shown, including:
[0084] The acquiring module 100 is configured to acquire a data packet sent by the database server according to a preset database protocol, wherein the data packet is a data packet responding to the client request information;
[0085] The analysis module 200 is used to analyze the data packet according to the data format of the preset database protocol, so as to determine the response result of the database server to the request information;
[0086] The determining module 300 is configured to determine, based on the response result, a dangerous access interface for accessing the database server caused by the SQL injection, so as to block an access request for accessing the dangerous access interface.
[0087]In the embodiment of the present invention, the acquisition module 100 acquires the data packet sent by the...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com