CN107832618A - A kind of SQL injection detecting system and its method based on fine granularity control of authority - Google Patents
- Publication number: CN107832618A (application CN201710848818.2A)
- Authority: CN (China)
- Prior art keywords: authority, service code, sql, database, sql statement
- Prior art date: 2017-09-20
- Legal status: Granted (as listed by Google; the listed status is an assumption, not a legal conclusion)
Classifications
All entries fall under G (Physics) > G06 (Computing; calculating or counting) > G06F (Electric digital data processing), under either G06F21/00 (Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity) or the G06F2221/00 indexing scheme for such arrangements:
- G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities > G06F21/577 Assessing vulnerabilities and evaluating computer system security
- G06F21/50 > G06F21/55 Detecting local intrusion or implementing counter-measures > G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
- G06F21/60 Protecting data > G06F21/604 Tools and structures for managing or administering access control systems
- G06F21/60 > G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules > G06F21/6218 Protecting access to a system of files or objects, e.g. local or distributed file system or database > G06F21/6227 Protecting access where protection concerns the structure of data, e.g. records, types, queries
- G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms > G06F2221/033 Test or assess software
- G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements > G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses an SQL injection detection system and method based on fine-grained permission control, in the field of information security technology. The system is as follows: the receiving module interacts with the service code table and the permission extraction module, receiving the SQL statement submitted by the user and extracting its service code; the permission extraction module interacts with the receiving module and the permission detection module, extracting the permission access information; the permission detection module interacts with the permission extraction module, the permission control table and the alarm module, detecting unauthorized SQL injection operations; the alarm module interacts with the permission detection module and the service code table, logging and alerting on SQL injection events and intercepting the SQL injection. The invention has the following advantages and beneficial effects: 1. accuracy: SQL injection attacks can be found precisely, preventing leakage of user data; 2. scalability; 3. wide applicability: it can be applied on Web servers, middleware, database proxy servers and database servers.
Description
Technical field
The present invention relates to the field of information security technology, and more particularly to an SQL injection detection system and method based on fine-grained permission control.
Background technology
SQL injection is the insertion of SQL commands into Web forms, URLs, HTTP headers and similar places so that the server is tricked into executing malicious SQL commands. More specifically, it exploits an existing application to inject malicious SQL commands into the backend database engine for execution: by entering malicious SQL statements in a Web form, an attacker can obtain the database of a website that has a security vulnerability, instead of executing the SQL statement the designer intended.
The harm of SQL injection is enormous: data in the database can be operated on without authorization, including being read, tampered with, added and deleted. How to detect SQL injection behaviour is therefore a key subject in information security and is of great significance.
Currently, the common SQL injection detection techniques are mainly the following:
1) Keyword identification
Keyword identification mainly checks the SQL statement submitted by the user; if the statement contains SQL keywords, it is judged to be an SQL injection attack. Common keywords include union, select, and, from, etc.
2) Regular expression pattern matching
Regular expressions are used to describe SQL injection attacks, forming an attack pattern feature library; the data submitted by the user is matched against the attack pattern feature library with regular expressions, and an SQL injection attack is considered present if a match succeeds. Compared with keyword identification, this reduces false positives and false negatives.
3) Machine learning
Machine learning techniques are generally divided into two stages, a learning stage and a detection stage. In the learning stage, the normal traffic features of legitimate SQL statements are learned in a secure environment by methods such as statistical analysis and data mining, establishing a knowledge base of legitimate SQL statements. In the detection stage, the SQL statement submitted by the user is matched against the legitimate SQL statements in the knowledge base; when the data features do not match, an SQL injection attempt is judged to be present.
4) Syntactic analysis
SQL syntactic analysis is performed on the various parameters of the HTTP request; if a legal SQL statement fragment is present, an SQL injection attack is considered present. Alternatively, a syntax tree is constructed and compared with the normal syntax tree; if the two are inconsistent, an SQL injection attack is considered present.
Among these SQL injection detection methods, the first three are feature-based; owing to the diversity of SQL statements and the flexibility of SQL injection, they all have a certain rate of false positives and false negatives. Method 4), syntactic analysis, is comparatively more accurate in detection, but also has limitations in the scenarios to which it applies.
Summary of the invention
The purpose of the present invention is to overcome the shortcomings and defects of the prior art and, for SQL injection attacks, to provide an SQL injection detection system and method based on fine-grained permission control, realizing the identification of SQL injection attacks.
The technical scheme realizing the object of the invention is as follows.
Through detailed research on SQL injection attacks, the present invention detects SQL injection attacks in the following way:
1. For each URL in the Web application that involves SQL statement execution, assign a service code to each SQL statement corresponding to that URL, generating the service code table. A service code is unique: a single service code corresponds to one and only one SQL statement.
2. For each service code, analyze its corresponding SQL statement and generate the corresponding permission control table. The permission control table is the mapping from service code to permissions; the permissions are fine-grained, consisting of lists of allowed and forbidden databases, tables, fields, functions and operations.
3. For the SQL statement submitted by the user, extract the permission information, that is, the access information on databases, tables, fields, functions and operations. Perform permission detection by combining the permission control table with the permission access information; if unauthorized access is present, an SQL injection vulnerability is confirmed.
I. SQL injection detection system based on fine-grained permission control (the system)
The system includes a receiving module, a permission extraction module, a permission detection module, an alarm module, a service code table and a permission control table.
Their interaction relations are:
the receiving module interacts with the service code table and the permission extraction module, receiving the SQL statement submitted by the user and extracting its service code;
the permission extraction module interacts with the receiving module and the permission detection module, extracting the permission access information;
the permission detection module interacts with the permission extraction module, the permission control table and the alarm module, detecting unauthorized SQL injection operations;
the alarm module interacts with the permission detection module and the service code table, logging and alerting on SQL injection events and intercepting the SQL injection.
II. SQL injection detection method based on fine-grained permission control (the method)
The idea of the method is: for each SQL statement corresponding to each URL in the Web application that involves SQL statement execution, generate a unique service code; analyze the SQL statement corresponding to each service code and generate the mapping table from service code to permissions, the permissions being fine-grained; extract the permission access information from the SQL statement submitted by the user, look up the permission control table and perform permission detection; if unauthorized access is present, an SQL injection vulnerability is confirmed.
Specifically, the method comprises the following steps:
1. For each URL in the Web application that involves SQL statement execution, assign a service code to each SQL statement corresponding to that URL, generating the service code table;
2. For each service code, analyze its corresponding SQL statement and generate the corresponding permission control table;
3. For the SQL statement submitted by the user, extract the permission information, look up the permission control table and perform permission detection; if unauthorized access is present, an SQL injection vulnerability is confirmed.
The present invention has the following advantages and beneficial effects:
1. Accuracy: being based on fine-grained permission control, the invention can find SQL injection attacks precisely and prevent leakage of user data.
2. Scalability: when the Web application is upgraded, the permission control table can be updated conveniently without modifying the structure of the system, completing the corresponding upgrade; likewise, for new SQL injection attack techniques, the permission control table can be updated to increase detection accuracy.
3. Wide applicability: the invention can be applied on Web servers, middleware, database proxy servers and database servers.
Brief description of the drawings
Fig. 1 is the block diagram of the system;
Fig. 2 is the workflow diagram of the method.
In the figures:
11 - receiving module;
12 - permission extraction module;
13 - permission detection module;
14 - alarm module;
15 - service code table;
16 - permission control table.
Glossary
1. SQL: Structured Query Language, a database query and programming language used for accessing data and for querying, updating and managing relational database systems.
2. SQL injection: passing specially constructed input containing SQL syntax to a Web application as a parameter, so as to execute the operations desired by the attacker.
3. Web: World Wide Web, a system of many hypertext documents linked to each other and accessed through the Internet.
Embodiments
The invention is described in detail below with reference to the drawings and examples.
I. System
1. Overall
As in Fig. 1, the system includes a receiving module 11, a permission extraction module 12, a permission detection module 13, an alarm module 14, a service code table 15 and a permission control table 16.
Their interaction relations are:
the receiving module 11 interacts with the service code table 15 and the permission extraction module 12, receiving the SQL statement submitted by the user and extracting its service code;
the permission extraction module 12 interacts with the receiving module 11 and the permission detection module 13, extracting the permission access information;
the permission detection module 13 interacts with the permission extraction module 12, the permission control table 16 and the alarm module 14, detecting unauthorized SQL injection operations;
the alarm module 14 interacts with the permission detection module 13 and the service code table 15, logging and alerting on SQL injection events and intercepting the SQL injection.
2. Functional modules
1) Receiving module 11
The receiving module 11 is a data collection method. It receives the SQL statement submitted by the user, extracts the service code from it, and sends the service code and the SQL statement to the permission extraction module 12 for further processing.
2) Permission extraction module 12
The permission extraction module 12 is a data processing method. It performs lexical and syntactic analysis on the SQL statement and extracts the permission access information contained in it.
3) Permission detection module 13
The permission detection module 13 is a data processing method. It obtains the permission access information from the permission extraction module 12 and the permission control information of the corresponding service code from the permission control table 16, matches the two, and judges that SQL injection is present if there is unauthorized access.
4) Alarm module 14
The alarm module 14 is an event response method. It receives the detection result of the permission detection module 13 and, with reference to the service code table 15, logs and alerts on the relevant information of the SQL injection event, including the URL, the SQL statement and the violated permission. At the same time the request is intercepted, avoiding loss of user data.
5) Service code table 15
The service code table 15 is a data storage structure. It records the correspondence between service codes and SQL statements, including the service code, the URL, the SQL statement template and the service code identification marks.
6) Permission control table 16
The permission control table 16 is a data storage structure. It is the mapping from service code to access permissions, including the service code, the databases allowed and forbidden to operate on, the tables allowed and forbidden, the functions allowed and forbidden, the fields allowed and forbidden, and the operations allowed and forbidden.
3. Working mechanism of the system
The system performs SQL injection detection mainly on the basis of fine-grained permission control; the fine-grained permissions cover the databases allowed and forbidden to operate on, the tables allowed and forbidden, the functions allowed and forbidden, the fields allowed and forbidden, and the operations allowed and forbidden.
The system is divided into a preparation stage and an execution stage.
In the preparation stage, a unique service code is assigned to each SQL statement in the Web application, generating the service code table 15. At the same time, the SQL statement corresponding to each service code is analyzed and its permission control information extracted, generating the permission control table 16.
In the execution stage, the receiving module 11 receives the SQL statement submitted by the user and extracts the service code from it. The permission extraction module 12 performs lexical and syntactic analysis on the received SQL statement and extracts the permission access information. The permission detection module 13 obtains the permission access information from the permission extraction module 12 and the permission control information of the corresponding service code from the permission control table 16, matches the two, and judges that SQL injection is present if there is unauthorized access. After SQL injection is detected, the alarm module 14 logs and alerts on the relevant information of the SQL injection event, including the URL, the SQL statement and the violated permission, and at the same time intercepts the request, avoiding loss of user data.
II. Method
As in Fig. 2, the method comprises the following steps:
1. Step 1 (S101)
A. For each URL in the Web application that involves SQL statement execution, assign a service code to each SQL statement corresponding to that URL, generating the service code table.
B. The service code is the identifier of an SQL statement in the Web application, and its assignment is unique: among all SQL statements corresponding to all URLs of the Web application, a single service code corresponds to one and only one SQL statement.
C. The service code table is a data storage structure, including the service code, the URL, the SQL statement template and the service code identification marks.
D. The service code identification marks are one or more keywords that can be extracted from the URL and HTTP message submitted by the user; through these keywords the corresponding service code and SQL statement can be associated.
E. The Web application can also embed the service code in the SQL statement; when the SQL statement is received on the middleware or the database server, the service code can then be extracted directly from the SQL statement, and the service code identification marks are not needed.
F. For the SQL statement template "select title, author, source, content from exampledb.news where id=$id", an example of its corresponding service code table entry is as follows:
2. Step 2 (S102)
A. For each service code, analyze its corresponding SQL statement and generate the corresponding permission control table.
B. The permission control table is a data storage structure. It is the mapping from service code to permissions and includes the following information: the service code, the set of database names allowed to operate on, and the set of database names forbidden.
C. For each database in the set of database names allowed, the permission control table includes the following information: the set of table names allowed to operate on, the set of table names forbidden, the list of functions allowed, and the list of functions forbidden.
D. For each database table in the set of table names allowed, the permission control table includes the following information: the set of field names allowed, the set of field names forbidden, the list of operations allowed, and the list of operations forbidden.
E. As an example, the permission control table entry corresponding to service code news_item_view is as follows:

| Permission control entry | Value |
|---|---|
| Service code | news_item_view |
| Databases allowed | exampledb |
| Databases forbidden | information_schema |
| Tables allowed in database exampledb | news |
| Tables forbidden in database exampledb | admin |
| Fields allowed in table exampledb.news | title, author, source, content |
| Fields forbidden in table exampledb.news | None |
| Functions allowed in table exampledb.news | None |
| Functions forbidden in table exampledb.news | Database(), Version(), User(), group_concat() |
| Operations allowed on table exampledb.news | select |
| Operations forbidden on table exampledb.news | insert, delete, update |
3. Step 3 (S103)
I. For the SQL statement submitted by the user, extract the permission information, look up the permission control table and perform permission detection; if unauthorized access is present, an SQL injection vulnerability is confirmed.
II. The permission access information includes the following: the service code and the set of database names operated on; for each database in that set, the set of table names operated on and the list of functions operated on; for each database table in the set of table names, the list of field names operated on and the list of operations.
III. The extraction of the permission access information can be realized by syntactic analysis: lexical and syntactic analysis is performed on the SQL statement, obtaining the permission access information corresponding to the SQL statement.
IV. The permission detection can also be realized through the database: according to the permission control table, a database user with the corresponding permissions is pre-allocated in the database for each service code; after the user submits an SQL statement, it is executed under the identity of the database user pre-allocated for the corresponding service code; because the permissions of the pre-allocated database user are restricted, any unauthorized access is detected by the database.
V. As an example, suppose the URL accessed by the user is "http://www.example.com/news.php?id=-1 union select admin, database(), 3, password from admin" and the submitted SQL statement is "select title, author, source, content from exampledb.news where id=-1 union select admin, database(), 3, password from admin"; the extracted permission access information is then as follows:

| Permission access information | Value |
|---|---|
| Databases operated on | exampledb |
| Tables operated on | exampledb.news, exampledb.admin |
| Fields operated on in table exampledb.news | title, author, source, content |
| Fields operated on in table exampledb.admin | admin, password |
| Functions accessed in table exampledb.news | database() |
| Operations performed on table exampledb.news | select |
| Operations performed on table exampledb.admin | select |

Matching the permission access information against the corresponding permission control table, the following unauthorized accesses are found:
Table accessed without authorization: exampledb.admin
Fields of table exampledb.admin accessed without authorization: admin, password
Function of table exampledb.admin accessed without authorization: database()
Operation performed on table exampledb.admin without authorization: select
It can thus be judged that this HTTP request contains SQL injection.
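The extraction (step 3, II and III) and matching (step 3, I) described above, worked through on the description's own example as an added Python illustration that is not the patent's implementation. It assumes a simplified regex-based lexical pass over SELECT ... FROM segments joined by UNION, resolves unqualified table names against an assumed default database (exampledb), and attributes each function to the table of the segment it appears in; the control table entry is constructed from the step 2 example.

```python
import re

# Constructed permission control table entry for service code news_item_view, following
# the example in step 2 of the description (all names lower-cased for matching).
CONTROL_TABLE = {
    "news_item_view": {
        "allowed_databases": {"exampledb"},
        "forbidden_databases": {"information_schema"},
        "databases": {
            "exampledb": {
                "allowed_tables": {"news"},
                "forbidden_tables": {"admin"},
                "tables": {
                    "news": {
                        "allowed_fields": {"title", "author", "source", "content"},
                        "forbidden_fields": set(),
                        "allowed_functions": set(),
                        "forbidden_functions": {"database", "version", "user", "group_concat"},
                        "allowed_operations": {"select"},
                        "forbidden_operations": {"insert", "delete", "update"},
                    }
                },
            }
        },
    }
}

SQL_KEYWORDS = {"select", "from", "where", "and", "or", "as", "null", "distinct"}
UNION_RE = re.compile(r"\bunion(?:\s+all)?\b", re.IGNORECASE)
SELECT_RE = re.compile(r"^\s*select\s+(.*?)\s+from\s+([A-Za-z_][\w.]*)", re.IGNORECASE | re.DOTALL)
FUNC_RE = re.compile(r"\b([A-Za-z_]\w*)\s*\(")
IDENT_RE = re.compile(r"\b([A-Za-z_]\w*)\b")


def extract_access(sql, default_db="exampledb"):
    """Permission extraction (step 3, II and III) as a simplified lexical pass.

    Each SELECT ... FROM segment of a UNION chain is examined; only the select list
    and the FROM table are read. Unqualified tables are resolved against default_db
    (an assumption of this example) and a function is attributed to the table of the
    segment it appears in.
    """
    access = {"databases": set(), "tables": set(), "fields": {}, "functions": {}, "operations": {}}
    for segment in UNION_RE.split(sql):
        m = SELECT_RE.match(segment)
        if not m:
            continue  # not a SELECT ... FROM segment: nothing this pass can extract
        select_list, table_ref = m.group(1), m.group(2)
        db, _, table = table_ref.rpartition(".")
        fq = f"{db or default_db}.{table}".lower()
        access["databases"].add(fq.split(".")[0])
        access["tables"].add(fq)
        functions = {f.lower() for f in FUNC_RE.findall(select_list)}
        # identifiers in the select list that are neither function names nor keywords are fields
        fields = {i.lower() for i in IDENT_RE.findall(select_list)} - functions - SQL_KEYWORDS
        access["fields"][fq] = fields
        access["functions"][fq] = functions
        access["operations"][fq] = {"select"}
    return access


def detect_violations(service_code, access, control_table=CONTROL_TABLE):
    """Permission detection (step 3, I): match the extracted access information against
    the service code's control table entry and return every unauthorized access as a
    (kind, item) pair. On a table that is itself unauthorized, everything touched on it
    is reported, as in the description's example."""
    rules = control_table[service_code]
    violations = []
    for fq in sorted(access["tables"]):
        db, table = fq.split(".", 1)
        if db in rules["forbidden_databases"] or db not in rules["allowed_databases"]:
            violations.append(("database", db))
            continue
        db_rules = rules["databases"][db]
        if table in db_rules["forbidden_tables"] or table not in db_rules["allowed_tables"]:
            violations.append(("table", fq))
            for kind in ("fields", "functions", "operations"):
                for item in sorted(access[kind].get(fq, ())):
                    violations.append((kind[:-1], f"{fq}:{item}"))
            continue
        t = db_rules["tables"][table]
        for f in sorted(access["fields"].get(fq, ())):
            if f in t["forbidden_fields"] or f not in t["allowed_fields"]:
                violations.append(("field", f"{fq}:{f}"))
        for fn in sorted(access["functions"].get(fq, ())):
            if fn in t["forbidden_functions"] or fn not in t["allowed_functions"]:
                violations.append(("function", f"{fq}:{fn}"))
        for op in sorted(access["operations"].get(fq, ())):
            if op in t["forbidden_operations"] or op not in t["allowed_operations"]:
                violations.append(("operation", f"{fq}:{op}"))
    return violations


def check_request(service_code, sql, control_table=CONTROL_TABLE):
    """Steps 3 I to III end to end: extract, look up the service code's entry, detect."""
    return detect_violations(service_code, extract_access(sql), control_table)


if __name__ == "__main__":
    # Constructed inputs: the statement from the step 3 example and a legitimate request.
    injected = ("select title, author, source, content from exampledb.news where id=-1 "
                "union select admin, database(), 3, password from admin")
    for kind, item in check_request("news_item_view", injected):
        print("unauthorized", kind, item)
    print(check_request("news_item_view",
                        "select title, author, source, content from exampledb.news where id=42"))
```

An empty list from check_request means every database, table, field, function and operation the statement touches is within the service code's permissions; anything else is the alarm module's input.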
Claims (5)
- 1. An SQL injection detection system based on fine-grained permission control, characterised in that it includes a receiving module (11), a permission extraction module (12), a permission detection module (13), an alarm module (14), a service code table (15) and a permission control table (16), whose interaction relations are: the receiving module (11) interacts with the service code table (15) and the permission extraction module (12), receiving the SQL statement submitted by the user and extracting its service code; the permission extraction module (12) interacts with the receiving module (11) and the permission detection module (13), extracting the permission access information; the permission detection module (13) interacts with the permission extraction module (12), the permission control table (16) and the alarm module (14), detecting unauthorized SQL injection operations; the alarm module (14) interacts with the permission detection module (13) and the service code table (15), logging and alerting on SQL injection events and intercepting the SQL injection.
- 2. An SQL injection detection method of the system according to claim 1, characterised in that it comprises the steps: (1) for each URL in the Web application that involves SQL statement execution, assign a service code to each SQL statement corresponding to that URL, generating the service code table; (2) for each service code, analyze its corresponding SQL statement and generate the corresponding permission control table; (3) for the SQL statement submitted by the user, extract the permission information, look up the permission control table and perform permission detection; if unauthorized access is present, an SQL injection vulnerability is confirmed.
- 3. The SQL injection detection method according to claim 2, characterised in that step (1) is: A. for each URL in the Web application that involves SQL statement execution, assign a service code to each SQL statement corresponding to that URL, generating the service code table; B. the service code is the identifier of an SQL statement in the Web application and its assignment is unique: among all SQL statements corresponding to all URLs of the Web application, a single service code corresponds to one and only one SQL statement; C. the service code table is a data storage structure, including the service code, the URL, the SQL statement template and the service code identification marks; D. the service code identification marks are one or more keywords that can be extracted from the URL and HTTP message submitted by the user, through which the corresponding service code and SQL statement can be associated.
- 4. The SQL injection detection method according to claim 2, characterised in that step (2) is: A. for each service code, analyze its corresponding SQL statement and generate the corresponding permission control table; B. the permission control table is a data storage structure, the mapping from service code to permissions, including the following information: the service code, the set of database names allowed to operate on, and the set of database names forbidden; C. for each database in the set of database names allowed, the permission control table includes the following information: the set of table names allowed to operate on, the set of table names forbidden, the list of functions allowed, and the list of functions forbidden; D. for each database table in the set of table names allowed, the permission control table includes the following information: the set of field names allowed, the set of field names forbidden, the list of operations allowed, and the list of operations forbidden.
- 5. The SQL injection detection method according to claim 2, characterised in that step (3) is: I. for the SQL statement submitted by the user, extract the permission information, look up the permission control table and perform permission detection; if unauthorized access is present, an SQL injection vulnerability is confirmed; II. the permission access information includes the following: the service code and the set of database names operated on; for each database in that set, the set of table names operated on and the list of functions operated on; for each database table in the set of table names, the list of field names operated on and the list of operations; III. the extraction of the permission access information can be realized by syntactic analysis: lexical and syntactic analysis is performed on the SQL statement, obtaining the permission access information corresponding to the SQL statement; IV. the permission detection can also be realized through the database: according to the permission control table, a database user with the corresponding permissions is pre-allocated in the database for each service code; after the user submits an SQL statement, it is executed under the identity of the database user pre-allocated for the corresponding service code; because the permissions of the pre-allocated database user are restricted, any unauthorized access is detected by the database.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710848818.2A CN107832618B (en) | 2017-09-20 | 2017-09-20 | SQL injection detection system and method based on fine-grained authority control |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710848818.2A CN107832618B (en) | 2017-09-20 | 2017-09-20 | SQL injection detection system and method based on fine-grained authority control |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107832618A true CN107832618A (en) | 2018-03-23 |
CN107832618B CN107832618B (en) | 2019-12-24 |
Family
ID=61643411
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710848818.2A Active CN107832618B (en) | 2017-09-20 | 2017-09-20 | SQL injection detection system and method based on fine-grained authority control |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107832618B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101267357A (en) * | 2007-03-13 | 2008-09-17 | 北京启明星辰信息技术有限公司 | A SQL injection attack detection method and system |
CN101901219A (en) * | 2009-05-27 | 2010-12-01 | 北京启明星辰信息技术股份有限公司 | Detection method for injection attack of database and system |
CN103338208A (en) * | 2013-07-16 | 2013-10-02 | 五八同城信息技术有限公司 | Method and system for SQL injection and defense |
CN104166812A (en) * | 2014-06-25 | 2014-11-26 | 中国航天科工集团第二研究院七〇六所 | Database safety access control method based on independent authorization |
CN106469282A (en) * | 2015-08-21 | 2017-03-01 | 阿里巴巴集团控股有限公司 | data access authority control method and device |
CN106991322A (en) * | 2016-01-21 | 2017-07-28 | 北京启明星辰信息安全技术有限公司 | The detection method and device of a kind of SQL SQL injection attack |
- 2017-09-20 CN CN201710848818.2A patent/CN107832618B/en active Active
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109766686A (en) * | 2018-04-25 | 2019-05-17 | 新华三大数据技术有限公司 | Rights management |
CN110909355A (en) * | 2018-09-17 | 2020-03-24 | 北京京东金融科技控股有限公司 | Unauthorized vulnerability detection method, system, electronic device and medium |
CN110321711A (en) * | 2019-07-05 | 2019-10-11 | 杭州安恒信息技术股份有限公司 | Detect the method and system of application server SQL injection point |
CN110321711B (en) * | 2019-07-05 | 2021-01-29 | 杭州安恒信息技术股份有限公司 | Method and system for detecting SQL injection point of application server |
CN110532279A (en) * | 2019-07-12 | 2019-12-03 | 平安普惠企业管理有限公司 | Big data platform authority control method, device, computer equipment and storage medium |
CN110598445A (en) * | 2019-09-12 | 2019-12-20 | 金蝶蝶金云计算有限公司 | Database access control method, system and related equipment |
CN110598445B (en) * | 2019-09-12 | 2022-05-20 | 金蝶蝶金云计算有限公司 | Database access control method, system and related equipment |
CN111651451A (en) * | 2020-04-25 | 2020-09-11 | 复旦大学 | Scene-driven single system micro-service splitting method |
CN112115466A (en) * | 2020-08-26 | 2020-12-22 | 广州锦行网络科技有限公司 | Sql injection method bypassing select key words |
CN112199677A (en) * | 2020-11-03 | 2021-01-08 | 安徽中安睿御科技有限公司 | Data processing method and device |
Also Published As
Publication number | Publication date |
---|---|
CN107832618B (en) | 2019-12-24 |
Similar Documents
Publication | Title |
---|---|
CN107832618A (en) | A kind of SQL injection detecting system and its method based on fine granularity control of authority |
CN103744802B (en) | Method and device for identifying SQL injection attacks |
CN110537180B (en) | System and method for tagging elements in internet content within a direct browser |
Sadeghian et al. | A taxonomy of SQL injection detection and prevention techniques |
US11539745B2 (en) | Identifying legitimate websites to remove false positives from domain discovery analysis |
US10503908B1 (en) | Vulnerability assessment based on machine inference |
CN102446255B (en) | Method and device for detecting page tamper |
CN102591965B (en) | Method and device for detecting black chain |
CN105787366A (en) | Android software visualization safety analysis method based on module relations |
EP2880580A1 (en) | Vulnerability vector information analysis |
CN111753171B (en) | Malicious website identification method and device |
US20090240670A1 (en) | Uniform resource identifier alignment |
CN110929125A (en) | Search recall method, apparatus, device and storage medium thereof |
CN111104579A (en) | Identification method and device for public network assets and storage medium |
US11775749B1 (en) | Content masking attacks against information-based services and defenses thereto |
CN112989348B (en) | Attack detection method, model training method, device, server and storage medium |
CN110191096A (en) | A kind of term vector homepage invasion detection method based on semantic analysis |
CN112199677A (en) | Data processing method and device |
CN104036190A (en) | Method and device for detecting page tampering |
Vanamala et al. | Recommending attack patterns for software requirements document |
CN107871078A (en) | The method that vulnerability information is extracted in non-structured text |
Wen et al. | Detecting malicious websites in depth through analyzing topics and web-pages |
CN104036189A (en) | Page distortion detecting method and black link database generating method |
CN105718599A (en) | Method and device for analyzing database access data packet |
CN107222494A (en) | A kind of SQL injection attack defending component and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |