Unlock instant, AI-driven research and patent intelligence for your innovation.

Database attack defense method and system

A database and related parameter technology, applied in the field of network security, can solve problems such as database system attacks and obtaining business information, and achieve the effect of avoiding attacks

Active Publication Date: 2019-08-23
郑州昂视信息科技有限公司
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, in order to illegally obtain business information from the database system, some malicious programs can conduct network attacks on the database system.
A specific method of network attack is that the malicious program uses the vulnerability of the user client to inject malicious database operation statements into the operation request sent by the client. When the database system processes the operation request, it will execute the maliciously injected database operation statement. subject to cyber attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database attack defense method and system
  • Database attack defense method and system
  • Database attack defense method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0043] The database is used to store data, and legitimate users can read the required data from the database. However, a malicious user may maliciously attack the database by injecting illegal SQL (Structured Query Language, Structured Query Language), and the attack method includes stealing data from the database.

[0044]Specifically, for example, the database can set permission levels for the stored data, and each permission level ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a database attack defense method and related equipment. The method includes the steps of obtaining a database operation code to be sent to a database module, wherein the database operation code comprises operation related parameters input by a user; performing code analysis on the database operation code to determine a preset executable code contained in the database operation code; encrypting the preset executable code by using an encryption rule corresponding to the parser module; splicing the encrypted preset executable code with operation related parameters input bya user to obtain a spliced statement; and sending the spliced statement to a database module, so that the database module executes the encrypted data in the spliced statement to obtain a database operation result. According to the method, only the executable code preset in the system is encrypted, so that when the database executes the splicing statement, only the encrypted executable code is executed, operation related parameters input by a user are not executed, and therefore, attack of a malicious program on the database by operating the related parameters is avoided.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a database attack defense method and system. Background technique [0002] In the Internet environment, business information can be stored in the database system, and users can send operation requests to the database system through the client, such as business information query requests, business information modification requests, etc. After receiving the operation request, the database system executes the database operation steps corresponding to the operation request, so as to obtain the operation result and return it to the user. [0003] However, some malicious programs can conduct network attacks on the database system in order to illegally obtain business information from the database system. A specific method of network attack is that the malicious program uses the vulnerability of the user client to inject malicious database operation statements into the operati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06F21/62
CPCG06F21/563G06F21/6218
Inventor 韩首魁唐源
Owner 郑州昂视信息科技有限公司