Database protection method and device, storage medium and computer equipment

A storage medium and database technology, applied in the field of database security, can solve problems such as false positives or false negatives, inability to exhaustively enumerate attack characteristics, and difficulty in dealing with various codes of attackers, so as to achieve the effect of precise protection.

Pending Publication Date: 2021-02-23
QI AN XIN SECURITY TECH ZHUHAI CO LTD +1
View PDF6 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, there are two main defense methods for using databases to attack databases. One is through feature matching of WAF (Web Application Firewall). This product is deployed in front of Web applications and detects and analyzes request packets sent to Web applications. to detect attacks; for example, when database attack characteristics such as ('or'1'='1) are found in the HTTP request traffic, it is intercepted and blocked; this protection method cannot exhaustively attack all attack characteristics, and it is difficult to deal with attacks Various encodings of the payload (for example, 'or'1'='1 is URL-encoded to '%20or%20'1'%20=%20'1)
Another way is through the database firewall. This product is deployed in front of the database and also uses attack signature matching for defense. However, compared with WAF, this product can obtain complete database execution statements (select name from userwhere id ='1'or'1'='1'), and the database execution statement no longer involves various encodings, so the attack characteristics can be clearly found, but the disadvantage is that it is impossible to list all the attack characteristics
[0004] Both of the above two methods can be regarded as judging whether it is an attack behavior through characteristics, so false positives or false negatives will occur. At present, an effective method that can improve the database attack recognition effect is needed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database protection method and device, storage medium and computer equipment
  • Database protection method and device, storage medium and computer equipment
  • Database protection method and device, storage medium and computer equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051]Hereinafter, the present application will be described in detail with reference to the drawings and embodiments. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other.

[0052] A database protection method is provided in this embodiment, such as figure 1 As shown, the method includes:

[0053] Step 101, monitor the target database operation function in the script interpreter, and capture the SQL statement for accessing the target database.

[0054] The embodiment of the present application is mainly used to protect the behavior of the database attacking the database server. In addition, the embodiment of the present application is mainly aimed at interpreting and executing scripts. By monitoring the interpreting executor, when the target database is accessed, it captures from the interpreting executor An access SQL statement to the target database, so as to det...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a database protection method and device, a storage medium and computer equipment, and the method comprises the steps of monitoring a target database operation function in a script interpreter, and capturing an SQL statement for accessing a target database; analyzing the SQL statement to obtain a statement structure of the SQL statement; and detecting whether the SQL statement is a database attack or not according to a preset SQL statement structure library and the statement structure of the SQL statement, and intercepting the database attack. According to the embodimentof the invention, the database attack is detected by utilizing the statement structure of the SQL statement, however, in the prior art, the database attack is generally determined by searching the attack features, and as all the attack features cannot be exhausted, an attacker can bypass attack detection only by changing the statement, false alarm or missing alarm is easily caused, and compared with the prior art, the risk that detection can be bypassed by changing statements does not exist, and accurate protection of database attacks can be achieved.

Description

technical field [0001] The present application relates to the technical field of database security, in particular to a database protection method and device, a storage medium, and computer equipment. Background technique [0002] SQL is the abbreviation of Structured Query Language (Structured Query Language), which is a special-purpose programming language. As a database query and programming language, it is used to access data and query, update and manage relational database systems; it is also The extension for database script files. SQL injection refers to inserting SQL commands into Web forms to submit or input query strings for domain names or page requests, and finally trick the server into executing malicious SQL commands. [0003] At present, there are two main defense methods for using databases to attack databases. One is through feature matching of WAF (Web Application Firewall). This product is deployed in front of Web applications and detects and analyzes requ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62G06F16/242
CPCG06F21/6218G06F16/2433
Inventor 刘明吴亚锋徐天婍
Owner QI AN XIN SECURITY TECH ZHUHAI CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products