Supercharge Your Innovation With Domain-Expert AI Agents!

SQL injection statement analysis method based on tree structure

An analysis method and tree structure technology, applied in special data processing applications, instruments, platform integrity maintenance, etc., can solve problems such as inability to effectively and accurately analyze key information

Pending Publication Date: 2022-02-11
ZHEJIANG UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Traditional methods mainly focus on string-level processing, and cannot effectively and accurately analyze key information

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL injection statement analysis method based on tree structure
  • SQL injection statement analysis method based on tree structure

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] Such as figure 1 As shown, a tree-structure-based SQL injection statement parsing method of the present invention, through pre-steps such as extracting HTTP parameters, extracting SQL query statements, and extracting database features, then recursively builds a hierarchical tree, so that the processing flow of the SQL injection statement It is more optimized and the analysis results are more fine-grained. Specifically include the following steps:

[0021] (1) The SQL injection statement S is [1'or 1=1--+], including the left HTTP parameter [1'], the middle SQL query statement [or 1=1], and the right HTTP parameter [--+] three parts. First extract its HTTP parameters, that is, extract the content that plays an auxiliary role for SQL injection according to its semantics. Specifically, the leftmost and rightmost contents in the SQL injection statement are named S BL ,S BR .

[0022] (2) Extract the SQL query statement in the SQL injection statement, that is, the middl...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an SQL injection statement analysis method based on a tree structure, and aims to solve the problems that fine-grained analysis, extraction and modification need to be carried out when an SQL injection statement is processed, and the fine-grained analysis of the SQL injection statement cannot be supported by character string level processing. According to the method, based on the thought of a tree-shaped data structure, methods such as boundary division and feature extraction are combined, SQL injection statements are recursively analyzed into a hierarchical tree-shaped structure, fine-grained processing can be conveniently carried out on the SQL injection statements, and operations such as query, analysis and modification can be carried out on the statements at the atomic operation level. The tree structure is a hierarchical tree, the father node contains all information of the child nodes, the hierarchical problem can be flexibly processed and analyzed, and the father node or the child nodes can be dynamically selected for processing.

Description

technical field [0001] The invention belongs to the technical field of network security, relates to the field of SQL injection, and in particular relates to a tree-structure-based SQL injection statement analysis method. Background technique [0002] With the continuous evolution and global deployment of the Internet, network services play an increasingly important role as social infrastructure in daily life. But on the other hand, they are also facing global threats from different places, different scales and through different means. Common web threats include SQL (Structured Query Language) injection, cross-site scripting, cross-site request forgery, distributed denial of service, etc. SQL injection is one of the most common and threatening attack methods, where an attacker exploits a security hole by performing SQL queries on a database to directly access unauthorized information, create or modify new user permissions, or otherwise manipulate sensitive information. [0...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/55G06F21/57G06F16/242
CPCG06F21/554G06F21/577G06F16/2433
Inventor 吴春明曲振青凌祥陈双喜张江瑜黄泸明
Owner ZHEJIANG UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com