Database security detection method and system based on user behavior rules
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A technology of security detection and database, which is applied in the field of database security detection, can solve problems such as the influence of network facilities, and achieve the effect of easy filtering
Pending Publication Date: 2020-12-29
BEIJING AN XIN TIAN XING TECH CO LTD
View PDF0 Cites 0 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
Secondly, if the security of the database cannot be guaranteed, the ne
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Example Embodiment
[0036]Example 1
[0037]Seefigure 1 This embodiment provides a database security detection method based on user behavior rules, and the method includes the following steps:
[0038]Step 101: Obtain the normal SQL statement submitted by the user to the database.
[0039]Step 102: Split the normal SQL statement into a user operation behavior vector. In this embodiment, the user operation behavior vector includes, but is not limited to, three elements of user name, operation behavior, and operation object. It should be noted that in database applications, a SQL statement may contain multiple different operations. For example, "DELETE FROM table1 WHERE NOTEXISTS(SELECT*FROM table2 WHERE table1.d1=table2.d1)" contains DELETE and SELECT. One type of operation, where DELETE corresponds to the operation table table1 and SELECT corresponds to the operation table table2. Therefore, the SQL statement can be split into 1:,2:.
[0040]Step 103: Use the set of user operation behavior vectors as the data set,...
Example Embodiment
[0074]Example 2
[0075]Seefigure 2 , This embodiment provides a database security detection system based on user behavior rules, the system includes:
[0076]The SQL statement obtaining module 201 is used to obtain the normal SQL statement submitted by the user to the database and obtain the SQL statement to be tested;
[0077]The SQL statement splitting module 202 is used to split normal SQL statements into user operation behavior vectors and to split the SQL statements to be detected into user operation behavior vectors to be detected. The user operation behavior vectors include user names, operation behaviors, and operations. Object
[0078]The normal operation behavior vector filtering module 203 is used to use the set of user operation behavior vectors as the data set, and the maximum confidence as the correlation metric, and use the Apriori algorithm to filter the user operation behavior vectors in the data set greater than the correlation threshold, and record Is the normal operation be...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
PUM
Login to view more
Abstract
The invention discloses a database security detection method and system based on user behavior rules. The method comprises the steps of obtaining a normal SQL statement submitted to a database by a user; splitting the normal SQL statement into a user operation behavior vector, wherein the user operation behavior vector comprises a user name, an operation behavior and an operation object; taking aset formed by the user operation behavior vectors as a data set, taking the maximum confidence coefficient as a correlation measurement standard, screening the user operation behavior vectors greaterthan a correlation threshold in the data set by adopting an Apriori algorithm, recording the screened user operation behavior vectors as normal operation behavior vectors, and recording the set formedby the normal operation behavior vectors as a user normal behavior library; obtaining a to-be-detected SQL statement; splitting the to-be-detected SQL statement into to-be-detected user operation behavior vectors; and matching the to-be-detected user operation behavior vector with each vector in a user normal behavior library to detect an abnormal behavior. The database security detection methodand system provided by the invention have the advantage of high identification precision for abnormal operation behaviors.
Description
technical field [0001] The invention relates to the technical field of database security detection, in particular to a database security detection method and system based on user behavior rules. Background technique [0002] With the widespread use of information technology in various industries, the database has gradually become an indispensable core asset of the information system, and a large amount of sensitive information stored in it is related to the fundamental interests of the society. Therefore, ensuring database security is of great significance to the entire information system. First of all, the user's information assets are stored in the database. Database security is very important to the security of user information assets. This requires the database to ensure that the stored data cannot be destroyed or leaked at will. Secondly, if the security of the database cannot be guaranteed, the network facilities where it is located will also be affected by security. ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to view more 
Login to view more