A Database Intrusion Detection Method Based on Protocol Fingerprint

An intrusion detection and database technology, applied in the field of network security, can solve the problem of lack of user behavior positioning analysis and cannot meet the needs of database security, and achieve the effect of increasing the detection level

Active Publication Date: 2020-11-10
BEIJING INST OF COMP TECH & APPL
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these security mechanisms lack the function of positioning and analyzing user behavior, which cannot meet the needs of database security in the network environment.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Database Intrusion Detection Method Based on Protocol Fingerprint
  • A Database Intrusion Detection Method Based on Protocol Fingerprint

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the purpose, content, and advantages of the present invention clearer, the specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0027] The invention specifically aims at the problem that database intrusion detection cannot perform fine-grained analysis on user behavior, and proposes a database intrusion detection method based on protocol fingerprints. For database access protocols, according to the database protocol fingerprints of different types of databases and the protocol structure of database access, it analyzes the data packets accessing the database layer by layer, deeply analyzes the database access protocol, and analyzes the precise feature matching to accurately locate the behavior of users operating the database. In this way, the detection, analysis and response to database intrusion attacks can be accurately detected, including SQL ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a database intrusion detection method based on a protocol fingerprint. The method comprises the following steps: S1, acquiring network data; S2, performing network layer data resolution on the network data; S3, analyzing a data packet information format and content in comparison to a protocol fingerprint in a protocol fingerprint database, and resolving an acquired application layer data packet in the network data to obtain information of an SQL (Structured Query Language) statement; S4, reducing the SQL statement and user data for resolved data content according to thestructure and syntax of the SQL statement; S5, reducing the SQL statement and SQL statement parameters by feature matching analysis according to a pre-stored attack feature and an association rule; and S6, judging whether an attack feature exists or not according to an analysis result, and making a response to the detected attack feature.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a protocol fingerprint-based database intrusion detection method. Background technique [0002] At present, in terms of database security protection, people have proposed database security mechanisms such as access control, data encryption, security auditing, etc., which can effectively prevent and prevent the occurrence of illegal activities. However, these security mechanisms lack the function of positioning and analyzing user behavior and cannot meet the needs of database security in the network environment. The database intrusion detection can go deep into the user data in the database access package to conduct fine-grained analysis of user behavior. By analyzing the SQL statements, operations, parameters and other information submitted by the user to the database, it can well analyze the user's operation behavior on the database. [0003] There are many existing me...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/55
CPCG06F21/552
Inventor 吴朝雄石波陈志浩沈德峰胡佳谢小明郭江沈艳林
Owner BEIJING INST OF COMP TECH & APPL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap