SQL injection attack detection method based on dynamic clonal selection algorithm

A clone selection algorithm and injection attack technology, which is applied in the field of network security and can solve the problems of inability to identify unknown features and degradation of WAF detection performance.

Active Publication Date: 2018-07-27
南方电网互联网服务有限公司
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a SQL injection attack detection method based on a dynamic clone selection algorithm to solve the problems of the existing WAF detection performance degradation and the inability to identify unknown features and various deformation attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL injection attack detection method based on dynamic clonal selection algorithm
  • SQL injection attack detection method based on dynamic clonal selection algorithm
  • SQL injection attack detection method based on dynamic clonal selection algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0055] SQL injection attack detection method based on dynamic clone selection algorithm, the process is as follows figure 1 shown, follow the steps below:

[0056] Step S1: Extract the SQL statement submitted by the client browser, submit the SQL statement to the rule base detection module for "SQLIAs" fast pattern matching, if the match is successful, it indicates that the statement contains injection attack code, and the system terminates the request submitt...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an SQL injection attack detection method based on a dynamic clonal selection algorithm. The method comprises the steps of extracting SQL statements submitted by a client browser and submitting the SQL statements to a rule base detection module for SQLIAs (SQL Injection Attacks) rapid mode matching; submitting the statements with unsuccessful mode matching to a dynamic detection module for deeper detection, introducing a local outlier factor as a fitness function for optimization of the distance between detectors before the dynamic detection module is operated, and constructing efficient detectors to identify normal data and abnormal data; operating the dynamic detection module to carry out detection; calling a clonal selection algorithm to carry out learning and identification; and updating system modules according to a detection result. The problem that the detection performance of an existing WAF (Web Application Firewall) is reduced and unknown features and various deformation attacks cannot be identified is solved.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a SQL injection attack detection method based on a dynamic clone selection algorithm. Background technique [0002] Web security is one of the research hotspots in the field of information security. SQL injection attacks (SQLIAs for short, SQLinjection attacks) are a type of Web application attack. Ranked among the top three. [0003] At present, the main method of protecting SQLIAs is to set up a Web Application Firewall (WAF for short). WAF is a detection mechanism based on an abnormal rule base. With the continuous increase of various variant attacks, its rule base will become larger and larger, resulting in Its detection performance degrades, and more seriously, it cannot identify unknown signatures and various deformation attacks. Based on this, it is necessary to invent a new dynamic SQL injection attack detection method to solve the above-mentioned problems exis...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
Inventor 兰方鹏张泽华
Owner 南方电网互联网服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap