CN107832618A - A kind of SQL injection detecting system and its method based on fine granularity control of authority - Google Patents


Info

Publication number: CN107832618A
Authority: CN (China)
Prior art keywords: authority, service code, sql, database, sql statement
Legal status: Granted, active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Application number: CN201710848818.2A
Other languages: Chinese (zh)
Other versions: CN107832618B (en)
Inventors: 罗蛟, 保永武, 叶猛
Current assignee: HONGXU INFORMATION TECHNOLOGY Co Ltd WUHAN (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: HONGXU INFORMATION TECHNOLOGY Co Ltd WUHAN
Priority date: 2017-09-20 (the priority date is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed)
Filing date: 2017-09-20
Publication date: 2018-03-23 (CN107832618A); granted as CN107832618B on 2019-12-24

Classifications

    • G06F21/577 Assessing vulnerabilities and evaluating computer system security (under G06F21/57 Certifying or maintaining trusted computer platforms; G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms; G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F Electric digital data processing; G06 Computing, calculating or counting; G Physics)
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action (under G06F21/55 Detecting local intrusion or implementing counter-measures; G06F21/50)
    • G06F21/604 Tools and structures for managing or administering access control systems (under G06F21/60 Protecting data)
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects such as a local or distributed file system or database, where protection concerns the structure of data, e.g. records, types, queries (under G06F21/6218; G06F21/62; G06F21/60)
    • G06F2221/033 Test or assess software (indexing scheme under G06F2221/03, monitoring users, programs or devices to maintain the integrity of platforms, and G06F2221/00)
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices (indexing scheme under G06F2221/21 and G06F2221/00)


Abstract

The invention discloses a SQL injection detection system and method based on fine-grained authority control, in the field of information security technology. In the system, the receiving module interacts with the service code table and the authority extraction module to receive the SQL statement submitted by the user and to extract its service code; the authority extraction module interacts with the receiving module and the authority detection module to extract the authority access information; the authority detection module interacts with the authority extraction module, the authority control table and the alarm module to detect unauthorized operations caused by SQL injection; the alarm module interacts with the authority detection module and the service code table to log and alert on SQL injection events and to intercept the injected request. The invention has the following advantages: 1. accuracy: it finds SQL injection attacks exactly and prevents user data leakage; 2. scalability; 3. wide adaptability: it can be deployed on web servers, middleware, database proxy servers and database servers.

Description

SQL injection detection system and method based on fine-grained authority control
Technical field
The present invention relates to the field of information security technology, and in particular to a SQL injection detection system and method based on fine-grained authority control.
Background technology
SQL injection means inserting SQL commands into web forms, URLs, HTTP headers and similar input locations so that the server is tricked into executing malicious SQL. More precisely, it exploits an existing application to inject malicious SQL into the backend database engine for execution: by entering malicious SQL statements into a web form, an attacker can read the database of a website that has the vulnerability instead of executing the SQL statements the designer intended. The harm of SQL injection is severe: data in the database can be read, tampered with, added or deleted without permission. How to detect SQL injection behaviour is therefore an important topic in information security.
At present, the common SQL injection detection techniques are the following:
1) Keyword identification
Keyword identification checks the SQL statement submitted by the user; if it contains SQL keywords, it is judged to be a SQL injection attack. Commonly used keywords include union, select, and, from, etc.
2) Regular expression pattern matching
Regular expressions are used to describe SQL injection attacks and form an attack pattern feature database; the data submitted by the user is matched against the feature database with regular expressions, and a successful match is taken as a SQL injection attack. Compared with keyword identification, this reduces false positives and false negatives.
3) Machine learning
Machine learning techniques generally have two stages, a learning stage and a detection stage. In the learning stage, statistical analysis, data mining and similar methods are applied in a secure environment to learn the normal traffic characteristics of legal SQL statements and to build a knowledge base of legal SQL statements. In the detection stage, the SQL statement submitted by the user is matched against the legal statements in the knowledge base; if the data characteristics do not match, a SQL injection attempt is judged to exist.
4) Syntactic analysis
SQL syntactic analysis is applied to the parameters of the HTTP request; if a parameter contains a valid SQL statement fragment, a SQL injection attack is assumed. Alternatively, a syntax tree is built and compared with the normal syntax tree; if they differ, a SQL injection attack is assumed.
Among these methods, the first three are feature-based SQL injection detection methods; because of the diversity of SQL statements and the flexibility of SQL injection, all of them produce some false positives and false negatives. Method 4), syntactic analysis, detects more accurately but is limited in the scenarios where it can be applied.
The content of the invention
The purpose of the present invention is to overcome the shortcomings and defects of the prior art and to provide, against SQL injection attacks, a SQL injection detection system and method based on fine-grained authority control that identifies SQL injection attacks.
The technical scheme that achieves this purpose is:
Through detailed study of SQL injection attacks, the present invention detects them in the following way:
1. For each URL in the web application that executes SQL statements, assign a service code to each SQL statement corresponding to the URL, and generate a service code table. A service code is unique: a single service code corresponds to one and only one SQL statement.
2. For each service code, analyse its SQL statement and generate the corresponding authority control table. The authority control table maps service codes to authorities. The authorities are fine-grained: lists of databases, tables, fields, functions and operations that are allowed or forbidden.
3. For the SQL statement submitted by the user, extract the authority access information, i.e. the databases, tables, fields, functions and operations it accesses. Perform authority detection by comparing the authority control table with the authority access information; if unauthorized access exists, confirm that a SQL injection vulnerability exists.
I. The SQL injection detection system based on fine-grained authority control (the system)
The system includes a receiving module, an authority extraction module, an authority detection module, an alarm module, a service code table and an authority control table;
Their interactions are:
The receiving module interacts with the service code table and the authority extraction module to receive the SQL statement submitted by the user and to extract its service code;
The authority extraction module interacts with the receiving module and the authority detection module to extract the authority access information;
The authority detection module interacts with the authority extraction module, the authority control table and the alarm module to detect unauthorized operations caused by SQL injection;
The alarm module interacts with the authority detection module and the service code table to log and alert on SQL injection events and to intercept the injected request.
II. The SQL injection detection method based on fine-grained authority control (the method)
The idea of the method is: for each URL in the web application that executes SQL statements, generate a unique service code for each corresponding SQL statement; analyse the SQL statement of each service code and generate a mapping table from service codes to authorities, where the authorities are fine-grained; extract the authority access information from the SQL statement submitted by the user, look up the authority control table and perform authority detection; if unauthorized access exists, confirm that a SQL injection vulnerability exists.
Specifically, the method comprises the following steps:
1. For each URL in the web application that executes SQL statements, assign a service code to each SQL statement corresponding to the URL and generate a service code table;
2. For each service code, analyse its SQL statement and generate the corresponding authority control table;
3. For the SQL statement submitted by the user, extract the authority information, look up the authority control table and perform authority detection; if unauthorized access exists, confirm that a SQL injection vulnerability exists.
The present invention has the following advantages and positive effects:
1. Accuracy: being based on fine-grained authority control, the invention finds SQL injection attacks exactly and prevents user data leakage.
2. Scalability: when the web application is upgraded, the authority control table can be updated conveniently without modifying the structure of the system; likewise, for new SQL injection attack techniques the authority control table can be updated to increase detection accuracy.
3. Wide adaptability: the invention can be applied on web servers, middleware, database proxy servers and database servers.
Brief description of the drawings
Fig. 1 is the block diagram of the system;
Fig. 2 is the workflow diagram of the method.
In the figures:
11 - receiving module;
12 - authority extraction module;
13 - authority detection module;
14 - alarm module;
15 - service code table;
16 - authority control table.
Terminology
1. SQL: Structured Query Language, a database query and programming language used to access data and to query, update and manage relational database systems.
2. SQL injection: passing specially constructed input that contains SQL syntax into a web application as a parameter, so that the operations intended by the attacker are executed.
3. Web: World Wide Web, a system of many hypertext documents linked to each other and accessed over the Internet.
Embodiment
Detailed description with reference to the drawings and embodiments:
I. System
1. Overview
As in Fig. 1, the system includes receiving module 11, authority extraction module 12, authority detection module 13, alarm module 14, service code table 15 and authority control table 16;
Their interactions are:
Receiving module 11 interacts with service code table 15 and authority extraction module 12 to receive the SQL statement submitted by the user and to extract its service code;
Authority extraction module 12 interacts with receiving module 11 and authority detection module 13 to extract the authority access information;
Authority detection module 13 interacts with authority extraction module 12, authority control table 16 and alarm module 14 to detect unauthorized operations caused by SQL injection;
Alarm module 14 interacts with authority detection module 13 and service code table 15 to log and alert on SQL injection events and to intercept the injected request.
2. Functional modules
1) Receiving module 11
Receiving module 11 is a data collection method;
It receives the SQL statement submitted by the user and extracts the service code from it; the service code and the SQL statement are passed to authority extraction module 12 for further processing.
2) Authority extraction module 12
Authority extraction module 12 is a data processing method;
It performs lexical and syntactic analysis of the SQL statement and extracts the authority access information contained in it.
3) Authority detection module 13
Authority detection module 13 is a data processing method;
It obtains the authority access information from authority extraction module 12 and the authority control information of the corresponding service code from authority control table 16, matches the two, and judges that SQL injection is present if unauthorized access exists.
4) Alarm module 14
Alarm module 14 is an event response method.
It receives the detection result of authority detection module 13 and, with reference to service code table 15, logs and alerts on the relevant information of the SQL injection event, including the URL, the SQL statement and the violated authority. At the same time the request is intercepted, so that user data is not lost.
5) Service code table 15
Service code table 15 is a data storage structure;
It holds the correspondence between service codes and SQL statements, including the service code, the URL, the SQL statement template and the service code identification marks.
6) Authority control table 16
Authority control table 16 is a data storage structure.
It maps service codes to access authorities and includes the service code, the databases allowed and forbidden, the tables allowed and forbidden, the functions allowed and forbidden, the fields allowed and forbidden, and the operations allowed and forbidden.
3. Working mechanism of the system
The system performs SQL injection detection primarily on the basis of fine-grained authority control. The fine-grained authorities comprise the databases allowed and forbidden, the tables allowed and forbidden, the functions allowed and forbidden, the fields allowed and forbidden, and the operations allowed and forbidden.
The system works in a preparation phase and an execution phase:
In the preparation phase, a unique service code is assigned to each SQL statement in the web application and service code table 15 is generated. At the same time, the SQL statement corresponding to each service code is analysed, the authority control information is extracted and authority control table 16 is generated.
In the execution phase, receiving module 11 receives the SQL statement submitted by the user and extracts the service code from it. Authority extraction module 12 performs lexical and syntactic analysis of the received SQL statement and extracts the authority access information. Authority detection module 13 obtains the authority access information from authority extraction module 12 and the authority control information of the corresponding service code from authority control table 16, matches the two, and judges that SQL injection is present if unauthorized access exists. Once SQL injection is detected, alarm module 14 logs and alerts on the relevant information of the SQL injection event, including the URL, the SQL statement and the violated authority, and at the same time intercepts the request so that user data is not lost.
II. Method
As in Fig. 2, the method comprises the following steps:
1. Step 1 (S101)
A. For each URL in the web application that executes SQL statements, assign a service code to each SQL statement corresponding to the URL and generate a service code table;
B. The service code is the identifier of a SQL statement in the web application and is assigned uniquely: among all SQL statements corresponding to all URLs of the web application, a single service code corresponds to one and only one SQL statement;
C. The service code table is a data storage structure; it includes the service code, the URL, the SQL statement template and the service code identification marks;
D. The service code identification marks are one or more keywords that can be extracted from the URL and HTTP message submitted by the user, and through which the corresponding service code and SQL statement can be associated;
E. On middleware or a database server, the web application can embed the service code in the SQL statement, so that the service code is extracted directly from the SQL statement when it is received and the identification marks are not needed;
F. For the SQL statement template "select title, author, source, content from exampledb.news where id=$id", an example of the corresponding service code table entry is as follows:
2. Step 2 (S102)
A. For each service code, analyse its SQL statement and generate the corresponding authority control table;
B. The authority control table is a data storage structure; it is the mapping from service codes to authorities and includes the following information: the service code, the set of database names allowed and the set of database names forbidden;
C. For each database in the set of allowed database names, the authority control table includes the following information: the set of table names allowed, the set of table names forbidden, the list of functions allowed and the list of functions forbidden;
D. For each database table in the set of allowed table names, the authority control table includes the following information: the set of field names allowed, the set of field names forbidden, the list of operations allowed and the list of operations forbidden;
E. As an example, the authority control table entry for service code news_item_view is as follows:
Service code: news_item_view
Databases allowed: exampledb
Databases forbidden: information_schema
Tables allowed in database exampledb: news
Tables forbidden in database exampledb: admin
Fields allowed in table exampledb.news: title, author, source, content
Fields forbidden in table exampledb.news: none
Functions allowed in table exampledb.news: none
Functions forbidden in table exampledb.news: Database(), Version(), User(), group_concat()
Operations allowed on table exampledb.news: select
Operations forbidden on table exampledb.news: insert, delete, update
3. Step 3 (S103)
I. For the SQL statement submitted by the user, extract the authority information, look up the authority control table and perform authority detection; if unauthorized access exists, confirm that a SQL injection vulnerability exists;
II. The authority access information includes the following: the service code and the set of database names operated on; for each database in that set, the set of table names operated on and the list of functions used; for each database table in that set, the list of field names operated on and the list of operations performed;
III. The authority access information can be extracted by syntactic analysis: lexical and syntactic analysis of the SQL statement yields the authority access information corresponding to it;
IV. The authority detection can also be carried out by the database itself: according to the authority control table, a database user with the corresponding authorities is pre-allocated in the database for each service code; after the user submits a SQL statement, it is executed under the identity of the database user pre-allocated for that service code; because that user's authorities are limited, any unauthorized access is detected by the database;
V. As an example, suppose the URL accessed by the user is "http://www.example.com/news.php?id=-1 union select admin, database(), 3, password from admin" and the submitted SQL statement is "select title, author, source, content from exampledb.news where id=-1 union select admin, database(), 3, password from admin"; the extracted authority access information is then:
Databases operated on: exampledb
Tables operated on: exampledb.news, exampledb.admin
Fields of table exampledb.news operated on: title, author, source, content
Fields of table exampledb.admin operated on: admin, password
Function accessed from table exampledb.news: database()
Operation performed on table exampledb.news: select
Operation performed on table exampledb.admin: select
Matching the authority access information against the corresponding authority control table reveals the following unauthorized accesses:
Table accessed without authority: exampledb.admin
Fields of table exampledb.admin accessed without authority: admin, password
Function of table exampledb.admin accessed without authority: database()
Operation performed on table exampledb.admin without authority: select
This HTTP request is therefore judged to contain SQL injection.
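As an added illustration of steps 1 to 3 (this is example code, not code from the patent or its assignee), the following Python script transcribes the news_item_view control-table entry from step 2, extracts the authority access information from a submitted statement with a lexical pass, and matches the two as in the example above. The tokenizer, the keywords it handles and the `check_request` helper are this example's own simplifications, and the sample statements are constructed; it also covers stacked statements and forbidden DML, which the page's example does not show.

```python
import re
from collections import defaultdict

# Control-table entry for service code news_item_view, transcribed from the example
# table in step 2 (item E) of the description; names are lower-cased for matching.
# Per allowed table the value is (allowed set, forbidden set) for fields, funcs and ops.
CONTROL_TABLE = {
    "news_item_view": {
        "allow_db": {"exampledb"}, "deny_db": {"information_schema"},
        "allow_table": {"exampledb.news"}, "deny_table": {"exampledb.admin"},
        "fields": {"exampledb.news": ({"title", "author", "source", "content"}, set())},
        "funcs": {"exampledb.news": (set(), {"database", "version", "user", "group_concat"})},
        "ops": {"exampledb.news": ({"select"}, {"insert", "delete", "update"})},
    }
}

TOKEN_RE = re.compile(r"'[^']*'|\d+|[A-Za-z_][\w.]*|\S")
IDENT_RE = re.compile(r"[a-z_][\w.]*")
TABLE_KW = {"from", "join", "into", "update"}
STOP = {"where", "group", "order", "limit", "having", "on", "set", "values", "join", "(", ")"}
NOT_FUNCS = {"in", "exists", "values", "and", "or", "not"}


def _qualify(name, default_db):
    """Resolve db.table or bare table; bare names fall back to default_db."""
    name = name.lower()
    return name if "." in name else f"{default_db}.{name}"


def extract_access(sql, default_db="exampledb"):
    """Lexical approximation of the authority extraction module.

    Returns {qualified_table: {"fields", "funcs", "ops"}}. Each UNION branch and each
    ';'-separated statement is its own segment. Only select-list and SET columns are
    collected (the page's example likewise omits the WHERE column); aliases and
    subqueries are not resolved.
    """
    segments, cur = [], []
    for tok in TOKEN_RE.findall(sql):
        if tok.lower() in ("union", ";"):
            segments.append(cur)
            cur = []
        elif not (tok.lower() == "all" and not cur):  # drop the ALL of UNION ALL
            cur.append(tok)
    segments.append(cur)
    access = defaultdict(lambda: {"fields": set(), "funcs": set(), "ops": set()})
    for seg in segments:
        if not seg:
            continue
        low = [t.lower() for t in seg]
        op, tables, fields, funcs = low[0], [], [], []
        # Column region: SELECT ... FROM for selects, SET ... WHERE for updates.
        col_start = 1 if op == "select" else (low.index("set") + 1 if "set" in low else len(low))
        col_end = next((i for i in range(col_start, len(low)) if low[i] in ("from", "where")), len(low))
        for i, t in enumerate(low):
            nxt = low[i + 1] if i + 1 < len(low) else ""
            if t in TABLE_KW:
                if nxt and nxt not in STOP:
                    tables.append(_qualify(seg[i + 1], default_db))
            elif nxt == "(" and IDENT_RE.fullmatch(t) and t not in NOT_FUNCS:
                funcs.append(t)
            elif col_start <= i < col_end and IDENT_RE.fullmatch(t) \
                    and t not in ("distinct", "as") and low[i - 1] != "as":
                fields.append(t)
        for tbl in tables:
            access[tbl]["ops"].add(op)
            access[tbl]["funcs"].update(funcs)
        for f in fields:
            owner, _, col = f.rpartition(".")
            for tbl in ([_qualify(owner, default_db)] if owner else tables):
                access[tbl]["fields"].add(col)
    return dict(access)


def detect_violations(service_code, access):
    """Authority detection: returns sorted (kind, table, item) tuples, kind being
    "database", "table", "fields", "funcs" or "ops". On a table that is not allowed
    at all, everything touched on it is reported, as in the page's example."""
    ctl = CONTROL_TABLE[service_code]
    found = set()
    for tbl, info in access.items():
        db = tbl.split(".", 1)[0]
        if db in ctl["deny_db"] or db not in ctl["allow_db"]:
            found.add(("database", db, ""))
        if tbl in ctl["deny_table"] or tbl not in ctl["allow_table"]:
            found.add(("table", tbl, ""))
            checks = {k: (set(), info[k]) for k in ("fields", "funcs", "ops")}
        else:
            checks = {k: ctl[k][tbl] for k in ("fields", "funcs", "ops")}
        for key, (allowed, denied) in checks.items():
            for item in info[key]:
                if item in denied or (allowed and item not in allowed):
                    found.add((key, tbl, item))
    return sorted(found)


def check_request(service_code, sql):
    """Step 3 end to end: extract, match, and return the violations found."""
    default_db = next(iter(CONTROL_TABLE[service_code]["allow_db"]))
    return detect_violations(service_code, extract_access(sql, default_db))
```

`check_request("news_item_view", sql)` returns an empty list for the template's legitimate form and the table, field, function and operation violations on exampledb.admin for the injected form shown in step 3.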

Claims (5)

  1. A SQL injection detection system based on fine-grained authority control, characterised in that:
    it includes a receiving module (11), an authority extraction module (12), an authority detection module (13), an alarm module (14), a service code table (15) and an authority control table (16);
    their interactions are:
    the receiving module (11) interacts with the service code table (15) and the authority extraction module (12) to receive the SQL statement submitted by the user and to extract its service code;
    the authority extraction module (12) interacts with the receiving module (11) and the authority detection module (13) to extract the authority access information;
    the authority detection module (13) interacts with the authority extraction module (12), the authority control table (16) and the alarm module (14) to detect unauthorized operations caused by SQL injection;
    the alarm module (14) interacts with the authority detection module (13) and the service code table (15) to log and alert on SQL injection events and to intercept the injected request.
  2. A SQL injection detection method using the system of claim 1, characterised in that it comprises the following steps:
    1. for each URL in the web application that executes SQL statements, assign a service code to each SQL statement corresponding to the URL and generate a service code table;
    2. for each service code, analyse its SQL statement and generate the corresponding authority control table;
    3. for the SQL statement submitted by the user, extract the authority information, look up the authority control table and perform authority detection; if unauthorized access exists, confirm that a SQL injection vulnerability exists.
  3. The SQL injection detection method of claim 2, characterised in that step 1 comprises:
    A. for each URL in the web application that executes SQL statements, assigning a service code to each SQL statement corresponding to the URL and generating a service code table;
    B. the service code is the identifier of a SQL statement in the web application and is assigned uniquely: among all SQL statements corresponding to all URLs of the web application, a single service code corresponds to one and only one SQL statement;
    C. the service code table is a data storage structure; it includes the service code, the URL, the SQL statement template and the service code identification marks;
    D. the service code identification marks are one or more keywords that can be extracted from the URL and HTTP message submitted by the user, and through which the corresponding service code and SQL statement can be associated.
  4. The SQL injection detection method of claim 2, characterised in that step 2 comprises:
    A. for each service code, analysing its SQL statement and generating the corresponding authority control table;
    B. the authority control table is a data storage structure; it is the mapping from service codes to authorities and includes the following information: the service code, the set of database names allowed and the set of database names forbidden;
    C. for each database in the set of allowed database names, the authority control table includes the following information: the set of table names allowed, the set of table names forbidden, the list of functions allowed and the list of functions forbidden;
    D. for each database table in the set of allowed table names, the authority control table includes the following information: the set of field names allowed, the set of field names forbidden, the list of operations allowed and the list of operations forbidden.
  5. The SQL injection detection method of claim 2, characterised in that step 3 comprises:
    I. for the SQL statement submitted by the user, extracting the authority information, looking up the authority control table and performing authority detection; if unauthorized access exists, confirming that a SQL injection vulnerability exists;
    II. the authority access information includes the following: the service code and the set of database names operated on; for each database in that set, the set of table names operated on and the list of functions used; for each database table in that set, the list of field names operated on and the list of operations performed;
    III. the authority access information can be extracted by syntactic analysis: lexical and syntactic analysis of the SQL statement yields the authority access information corresponding to it;
    IV. the authority detection can also be carried out by the database itself: according to the authority control table, a database user with the corresponding authorities is pre-allocated in the database for each service code; after the user submits a SQL statement, it is executed under the identity of the database user pre-allocated for that service code; because that user's authorities are limited, any unauthorized access is detected by the database.
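Step 3 (IV) and claim 5 (IV) describe enforcing the authority control table inside the database, by running each service code's statements as a pre-allocated database user whose authorities are limited. The following added example (not the patent's code) models that with the authorizer hook of Python's sqlite3 module, which plays the role of the restricted database user: the `POLICY` dictionary, the sample schema and rows, and the SQLite function names standing in for the MySQL ones in the page's table are all constructed assumptions.

```python
import sqlite3

# Policy for service code news_item_view, constructed from the description's control
# table (step 2, item E). 'id' is added to the readable columns because the statement
# template's WHERE clause reads it; sqlite_version() and group_concat() stand in for
# the MySQL functions (Database(), Version(), User(), group_concat()) the page forbids.
POLICY = {
    "tables": {"news": {"id", "title", "author", "source", "content"}},
    "ops": {"select"},
    "deny_funcs": {"sqlite_version", "group_concat"},
}

# Constructed sample schema and rows standing in for the web application's database.
SCHEMA = """
CREATE TABLE news (id INTEGER, title TEXT, author TEXT, source TEXT, content TEXT);
CREATE TABLE admin (id INTEGER, username TEXT, password TEXT);
INSERT INTO news VALUES (42, 'Patch day', 'ops', 'internal', 'Rollout done');
INSERT INTO admin VALUES (1, 'root', 'hunter2');
"""

OP_OF = {sqlite3.SQLITE_SELECT: "select", sqlite3.SQLITE_INSERT: "insert",
         sqlite3.SQLITE_UPDATE: "update", sqlite3.SQLITE_DELETE: "delete"}


def authorize(policy, action, arg1, arg2, db_name, source):
    """Authorizer callback: SQLite asks before every table, column or function access
    while compiling a statement, so a denial fails the statement before it runs."""
    if action == sqlite3.SQLITE_READ:                 # arg1 = table, arg2 = column
        cols = policy["tables"].get(arg1)
        ok = cols is not None and (arg2 == "" or arg2 in cols)
    elif action == sqlite3.SQLITE_FUNCTION:           # arg2 = function name
        ok = arg2.lower() not in policy["deny_funcs"]
    elif action in OP_OF:                             # arg1 = table (None for SELECT)
        ok = OP_OF[action] in policy["ops"] and (arg1 is None or arg1 in policy["tables"])
    elif action == sqlite3.SQLITE_TRANSACTION:        # BEGIN/COMMIT issued by the driver
        ok = True
    else:                                             # DDL, ATTACH, PRAGMA, ...: never
        ok = False
    return sqlite3.SQLITE_OK if ok else sqlite3.SQLITE_DENY


def connect_as_service(policy):
    """Open the sample database and arm the per-service-code authorizer."""
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)   # schema is created before the authorizer is installed
    con.set_authorizer(lambda *args: authorize(policy, *args))
    return con


def run_as_service(policy, sql):
    """Execute sql under the service code's restricted identity.
    Returns ("ok", rows) or ("blocked", reason) when the database refuses it."""
    con = connect_as_service(policy)
    try:
        return "ok", con.execute(sql).fetchall()
    except sqlite3.DatabaseError as exc:   # SQLITE_AUTH surfaces as "not authorized"
        return "blocked", str(exc)
    finally:
        con.close()


# Constructed statements: the template's legitimate form and the page's injected form.
LEGIT = "SELECT title, author, source, content FROM news WHERE id = 42"
INJECTED = LEGIT.replace("42", "-1") + " UNION SELECT username, sqlite_version(), 3, password FROM admin"
```

Because the database user (here, the authorizer) never had authority on admin, on the forbidden functions or on insert/update/delete, the injected branch is refused at compile time and the request can be logged and intercepted as in step 3.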
CN201710848818.2A 2017-09-20 2017-09-20 SQL injection detection system and method based on fine-grained authority control Active CN107832618B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710848818.2A CN107832618B (en) 2017-09-20 2017-09-20 SQL injection detection system and method based on fine-grained authority control

Publications (2)

Publication Number Publication Date
CN107832618A true CN107832618A (en) 2018-03-23
CN107832618B CN107832618B (en) 2019-12-24

Family

ID=61643411

Country Status (1)

Country Link
CN (1) CN107832618B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109766686A (en) * 2018-04-25 2019-05-17 新华三大数据技术有限公司 Rights management
CN110321711A (en) * 2019-07-05 2019-10-11 杭州安恒信息技术股份有限公司 Detect the method and system of application server SQL injection point
CN110532279A (en) * 2019-07-12 2019-12-03 平安普惠企业管理有限公司 Big data platform authority control method, device, computer equipment and storage medium
CN110598445A (en) * 2019-09-12 2019-12-20 金蝶蝶金云计算有限公司 Database access control method, system and related equipment
CN110909355A (en) * 2018-09-17 2020-03-24 北京京东金融科技控股有限公司 Unauthorized vulnerability detection method, system, electronic device and medium
CN111651451A (en) * 2020-04-25 2020-09-11 复旦大学 Scene-driven single system micro-service splitting method
CN112115466A (en) * 2020-08-26 2020-12-22 广州锦行网络科技有限公司 Sql injection method bypassing select key words
CN112199677A (en) * 2020-11-03 2021-01-08 安徽中安睿御科技有限公司 Data processing method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101267357A (en) * 2007-03-13 2008-09-17 北京启明星辰信息技术有限公司 A SQL injection attack detection method and system
CN101901219A (en) * 2009-05-27 2010-12-01 北京启明星辰信息技术股份有限公司 Detection method for injection attack of database and system
CN103338208A (en) * 2013-07-16 2013-10-02 五八同城信息技术有限公司 Method and system for SQL injection and defense
CN104166812A (en) * 2014-06-25 2014-11-26 中国航天科工集团第二研究院七〇六所 Database safety access control method based on independent authorization
CN106469282A (en) * 2015-08-21 2017-03-01 阿里巴巴集团控股有限公司 data access authority control method and device
CN106991322A (en) * 2016-01-21 2017-07-28 北京启明星辰信息安全技术有限公司 The detection method and device of a kind of SQL SQL injection attack

Also Published As

Publication number Publication date
CN107832618B (en) 2019-12-24

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant