The invention discloses a structured query language (SQL) injection attack detection method and device. The SQL injection attack detection device comprises a plug-in association module, an analysis module, a self-learning module and a detection module. Based on a webpage application system server of a Java virtual machine environment, URL and parameter information in business request information of a client are associated with a triggered SQL statement, syntax analysis is carried out on the SQL statement to construct an SQL syntax tree through self-learning of the URL to identify effective parameter information, after the self-learning process, a relation model of the business request information which the URL and the effective parameter information belong to, and the SQL syntax tree of the associated SQL statement is established, the relation model is taken as the inspection reference, the relationship between the subsequent business request information and the SQL syntax tree of the associated SQL statement is inspected by being compared with the reference, if the inspection result is not consistent, it is determined that an SQL injection attack is detected, business access is rejected, and therefore the SQL injection attack can be detected accurately, and the business access safety of the network application is guaranteed.