Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

SQL injection detection method based on convolution neural network algorithm

A convolutional neural network and detection method technology, applied in the field of SQL injection detection, can solve the problems of low detection rate of mutation attack and low recognition rate of mutation attack, and achieve the effect of high recognition rate and reduced impact

Active Publication Date: 2019-03-01
厦门市德道优升教育服务有限公司
View PDF6 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, Li Hongling et al. proposed the SVM algorithm to train the injection detection model in terms of solving the applicability of the detection method and improving the accuracy of injection detection; Yang Lianqun et al. proposed to combine the hidden Markov model to reduce the false positive rate of SQL injection detection; Zhang Zhichao et al. A BP neural network training detection model is proposed. These detection features are fast and efficient, but its recognition rate for mutation attacks is low
[0004] In order to solve the problem of the low detection rate of mutation attacks, the inventor proposed a SQL injection detection method based on convolutional neural network algorithm

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL injection detection method based on convolution neural network algorithm
  • SQL injection detection method based on convolution neural network algorithm
  • SQL injection detection method based on convolution neural network algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Such as figure 1 As shown, the present invention discloses a SQL injection detection method based on a convolutional neural network algorithm, including:

[0036] Step 1, text word segmentation processing, which includes:

[0037] Step 1-1. Perform URL decoding on the collected training samples; when the browser sends data to the server, the client will package and encode the parameters input by the user before sending them to the server, so the collected training samples are often encoded For processing, decoding is required before training, and the recursive URL decoding method is used to parse the training samples with multiple URL encodings to ensure the consistency of data encoding.

[0038] Step 1-2, normalize the decoded data, which specifically includes: replacing the number in the URL with '0'; replacing the hyperlink in the URL with the form of 'http: / / u'; Unified and standardized processing to reduce the number of word segmentation after word segmentation. ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a SQL injection detection method based on a convolution neural network algorithm. The method comprises the following steps: step one, performing text word-segmentation processing; step two, extracting a text vector: performing vocabulary model training on a training sample after the word segmentation processing by using a CBOW algorithm in a Word2Vec tool, converting the text data into the text vector; step three, training a detection model: designing a convolution neural network structure; selecting a convolution layer, a pooling layer and an activation function as parameters; inputting the text vector extracted from the step 2 into the convolution neural network to perform model training to obtain a detection model; step four, performing SQL injection detection: inputting the to-be-detected SQL injection instance into the detection model of the step three, or abandoning the data packet. Through the SQL injection detection method disclosed by the invention, the feature vector of an attack sample is extracted through the own characteristics of the CNN algorithm, the false alarm rate of the loophole detection is reduced, and a recognition rate for the variation attack is improved.

Description

technical field [0001] The invention relates to a method for detecting SQL injection based on a convolutional neural network algorithm. Background technique [0002] With the rapid development of computer technology and the Internet, Web applications have risen rapidly, and network security issues have attracted much attention. SQL injection vulnerability attack is one of the most popular hacking script attack methods on the Internet. SQL injection has the characteristics of high attack damage, multiple types, fast mutation, and hidden attack. Therefore, the detection and defense of SQL injection vulnerabilities has always been the focus of attention in the field of web security. [0003] There are many SQL injection methods, which can be divided into joint query injection, error injection, tautology attack, etc. based on different attack methods. The main principle of the SQL injection detection model is to intercept the communication data between the client and the Web s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06N3/08G06N3/04G06F17/27
CPCH04L63/1416H04L63/1466G06N3/084G06F40/289G06N3/045
Inventor 谢加良叶永辉李青岩
Owner 厦门市德道优升教育服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com