Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

SQL injection test coverage rate statistics method and system

A technology of test coverage and statistical methods, which is applied in the field of SQL injection test coverage statistical methods and systems, can solve the problems of low reliability of SQL injection tests, and achieve the effect of improving test reliability

Inactive Publication Date: 2018-11-20
ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] An embodiment of the present invention provides a statistical method for SQL injection test coverage to solve the problem of low reliability of SQL injection tests in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL injection test coverage rate statistics method and system
  • SQL injection test coverage rate statistics method and system
  • SQL injection test coverage rate statistics method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] In order to enable those skilled in the art to better understand the technical solutions in the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described The embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts shall fall within the protection scope of the present invention.

[0041] see figure 1 , is a schematic flowchart of a SQL injection test coverage statistical method provided by an embodiment of the present invention, such as figure 1 As shown, the SQL injection test coverage statistics method provided by the embodiment of the present invention includes:

[0042] S10: Obtain the URL to be tested, the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Embodiments of the invention disclose an SQL injection test coverage rate statistics method and system. The method comprises the steps of obtaining a to-be-tested URL, a to-be-tested request and a to-be-tested parameter; establishing a comparison database according to the to-be-tested URL, the to-be-tested request and the to-be-tested parameter; obtaining a test URL, a test request and a test parameter; comparing the test URL, the test request and the test parameter with the comparison database; marking the same comparison result in the comparison database; and determining a test coverage rateaccording to the number of marked data in the comparison database and the number of total data after the test is completed. According to the statistics method and system, the to-be-tested URL, request and parameter are obtained from a Web application; the comparison database is established to serve as a comparison standard of actual test items; the comparison database is compared with the URL, the request and the parameter used for actual testing in a test tool; the test coverage rate is calculated; and the reliability grade of the current test is determined according to the value of the testcoverage rate, so that the test reliability is improved.

Description

technical field [0001] The invention relates to the technical field of SQL injection testing, in particular to a statistical method and system for SQL injection testing coverage. Background technique [0002] SQL injection is a common attack method against Web services, which is executed by using SQL commands to illegally manipulate the database on the Web server. Specifically, it uses the ability of web applications to inject malicious SQL commands into the background database engine for execution, and obtains a database on a website with security vulnerabilities by entering malicious SQL statements in the web form, instead of following the developer's instructions. Intent to execute SQL statements. Among the Web security vulnerabilities that have been authoritatively counted over the years, SQL injection vulnerabilities are among the best, and have major harm. Therefore, SQL injection detection for Web applications has become very important and necessary. [0003] In the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36G06F17/30
Inventor 张忠伟
Owner ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com