Supercharge Your Innovation With Domain-Expert AI Agents!

Structured query language SQL injection detection method and device

A structured query and detection method technology, applied in the field of network security, can solve the problems of false negatives and false positives, and consume a lot of manual analysis, so as to reduce the false positive rate of false negatives, reduce manual analysis, and improve the detection accuracy.

Pending Publication Date: 2019-10-22
HUAWEI CLOUD COMPUTING TECH CO LTD
View PDF8 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The accuracy of detection in traditional methods relies heavily on the comprehensiveness and accuracy of illegal models, so the implementation of traditional methods requires a lot of manual analysis, and is prone to false negatives and false positives

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Structured query language SQL injection detection method and device
  • Structured query language SQL injection detection method and device
  • Structured query language SQL injection detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the accompanying drawings. Apparently, the described embodiments are only some of the embodiments of the present application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0042] Reference herein to an "embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the present application. The occurrences of this phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is understood explicitly and implicitly by those skilled in th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a structured query language SQL injection detection method and device. The method comprises the steps of preprocessing an SQL statement, converting the SQL statement into at least two vectors, and inputting the at least two vectors into a neural network model, thereby obtaining a detection result whether the SQL statement contains SQL injection or not. Specifically, the method comprises the steps of converting an SQL statement into an abstract syntax tree AST; traversing the AST, and converting the AST into a keyword sequence; determining a vector representing each keyword; and inputting the at least two vectors into a neural network model to obtain a detection result of the SQL statement. According to the method, manual analysis can be reduced, identification precision is improved, and false alarm rate is reduced.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a structured query language SQL injection detection method and device. Background technique [0002] Structured query language (structured query language, SQL) is a language used to operate the database. SQL injection refers to inserting malicious SQL commands into SQL statements, and inputting SQL statements to insert malicious SQL commands at the form submission site, domain name input site, or page request site in the World Wide Web (World Wide Web, Web), so as to achieve Trick the server into executing malicious SQL commands to steal, tamper or maliciously delete data in the database. [0003] SQL injection detection mainly detects SQL statements containing malicious SQL commands. Traditional SQL injection detection mainly relies on matching model libraries. In one detection method, the matching model library includes the abstract syntax tree of legal SQL statemen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F16/2452G06F16/28
CPCG06F16/284G06F16/24522
Inventor 卓中流蔡涛李鹏
Owner HUAWEI CLOUD COMPUTING TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com