Unlock instant, AI-driven research and patent intelligence for your innovation.

A detection method, system and computer processing equipment for sql injection attack

A technology of injection attack and detection method, applied in the Internet field, can solve the problems of low SQL detection accuracy, low accuracy, high false alarm rate, etc.

Active Publication Date: 2021-04-20
SHENZHEN POWER SUPPLY BUREAU
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the diversity of SQL statements, the first type has a high false positive rate. Although the second type uses regular matching to reduce the false positive rate, the accuracy of SQL detection is still low. The third type requires the server to learn legal SQL statements. Otherwise, the legal SQL statement will be treated as an illegal SQL statement, which also has the problem of low accuracy

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A detection method, system and computer processing equipment for sql injection attack
  • A detection method, system and computer processing equipment for sql injection attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042]While the flowchart describes the operations described in order, many of them can be implemented in parallel, concurrently or simultaneously. The order in which each operation can be rearranged. Processing can be terminated when its operation is completed, but may also have additional steps not included in the drawings. Processing can correspond to methods, functions, procedures, subroutines, subroutines, and more.

[0043]Computer devices include user equipment and network devices. Among them, user equipment or clients include, but are not limited to, computer, smartphones, PDAs, etc .; network devices include, but are not limited to, a single network server, a server group consisting of multiple web servers or a cloud computing by a large number of computer or web servers cloud. The computer device can operate alone to implement the present invention, and can also access the network and achieve the present invention by interacting with other computer devices in the network. The...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method for detecting SQL injection attacks. The method includes: obtaining SQL to be detected; decomposing the SQL to be detected into multiple SQL samples according to preset rules; and inputting the multiple SQL samples into the In the corresponding number of preset decision-making models, the decision-making results are respectively obtained; the decision-making results corresponding to the number of multiple SQL samples are compared, and according to the comparison results, it is judged whether the SQL to be detected is an injection attack. In this way, the obtained SQL can be decomposed into multiple SQL samples, each sample is processed, and the decision result is obtained, and then it is determined whether it is an SQL injection attack according to the number of decision results, so as to detect SQL injection attacks more accurately .

Description

Technical field[0001]The present invention relates to the field of Internet technologies, and in particular, to a detection method, system, and computer processing of SQL injection attacks.Background technique[0002]In recent years, SQL injection attacks are always in front of the top three of the Web security threat. The attacker is injected into the attack through SQL, which can achieve illegal purposes such as websites, web tampering, information stealing and permeating inside. Therefore, SQL injection attacks have seriously affecting Web security and normal operation.[0003]The so-called SQL injection is the query string that submits the SQL command to the web form or the field name or page request, eventually reaches the spoofer to perform a malicious SQL command. Specifically, it uses existing applications to inject the malicious SQL command into the power execution of the background database engine, which can get a database on the website where the malicious SQL statement is en...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06F21/62
CPCG06F21/56G06F21/6218
Inventor 张珣
Owner SHENZHEN POWER SUPPLY BUREAU