CN107832618B - SQL injection detection system and method based on fine-grained authority control - Google Patents


Info

Publication number: CN107832618B (granted); other version: CN107832618A
Application number: CN201710848818.2A
Authority: CN (China)
Inventors: 罗蛟, 保永武, 叶猛
Assignee: HONGXU INFORMATION TECHNOLOGY Co Ltd WUHAN
Legal status: Active
Other languages: Chinese (zh)

Classifications

    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G06F21/6227 Protecting access to data via a platform (e.g. using keys or access control rules) to a system of files or objects, where protection concerns the structure of data, e.g. records, types, queries
    • G06F2221/033 Test or assess software
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention discloses a SQL injection detection system, and a corresponding method, based on fine-grained authority control, in the technical field of information security. The system works as follows: the receiving module interacts with the service code table and the authority extraction module to receive the SQL statements submitted by users and to extract their service codes; the authority extraction module interacts with the receiving module and the authority detection module to extract the authority access information from each statement; the authority detection module interacts with the authority extraction module, the authority control table and the alarm module to detect SQL injection override (unauthorized) operations; the alarm module interacts with the authority detection module and the service code table to log SQL injection events, raise alarms and intercept the injected requests. The invention has the following advantages and positive effects: accuracy, since SQL injection attacks are found precisely and user data leakage is prevented; expandability; and wide adaptability, since the method can be applied to Web servers, middleware, database proxy servers and database servers.

Description

SQL injection detection system and method based on fine-grained authority control
Technical Field
The invention relates to the technical field of information security, in particular to a SQL injection detection system and a method thereof based on fine-grained authority control.
Background
SQL injection inserts SQL commands into Web forms, URLs, HTTP headers and the like in order to trick the server into executing malicious SQL commands. More precisely, it is the ability to inject malicious SQL commands into the back-end database engine, through the existing application program, and have them executed: by entering malicious SQL statements into a Web form, an attacker makes a website with security holes run statements other than those its designer intended, and can thereby obtain the database. The harm of SQL injection is great, since it allows data in the database to be manipulated without authorization, including reading, tampering, adding and deleting. How to detect SQL injection behaviour is therefore a major topic in information security and is of great significance.
Currently, the following SQL injection detection techniques are in common use:
1) Keyword recognition
Keyword recognition checks the SQL statements submitted by a user and judges that an SQL injection attack exists if SQL keywords are present; commonly used keywords include union, select, and, from, etc.
2) Regular expression pattern matching
SQL injection attacks are described with regular expressions to form an attack-pattern feature library; the data submitted by the user is matched against the library by regular expressions, and a successful match is taken to mean that an SQL injection attack exists. Compared with keyword recognition, this method reduces false positives and false negatives.
3) Machine learning
Machine learning techniques generally consist of two phases, a learning phase and a detection phase. In the learning phase, the normal traffic characteristics of legal SQL statements are learned in a safe environment through methods such as statistical analysis and data mining, and a knowledge base of legal SQL statements is built; in the detection phase, the SQL statements submitted by users are matched against the legal statements in the knowledge base, and an SQL injection attempt is judged to exist when the data characteristics do not match.
4) Syntactic analysis
SQL syntax analysis is carried out on the parameters of the HTTP request, and an SQL injection attack is considered to exist if a legal SQL statement fragment is found in them; alternatively, a syntax analysis tree is constructed and compared with the normal syntax analysis tree, and an SQL injection attack is determined to exist if the two are inconsistent.
Among these methods, the first three are feature-based; owing to the diversity of SQL statements and the flexibility of SQL injection, they produce a certain number of false positives and false negatives. Method 4), syntactic analysis, is comparatively more accurate in detection but is limited in the scenarios where it can be applied.
Disclosure of Invention
The invention aims to overcome the defects and shortcomings of the prior art by providing a SQL injection detection system, and a corresponding method, based on fine-grained authority control, directed at SQL injection attack behaviour, so as to identify SQL injection attacks.
The technical scheme that achieves this aim is as follows:
Through detailed study of SQL injection attack behaviour, the invention detects SQL injection attacks in the following way:
1. For each URL in the Web application that involves SQL statement execution, a service code is assigned to each SQL statement corresponding to that URL, producing a service code table. Service codes are unique: a single service code corresponds to exactly one SQL statement.
2. The SQL statement corresponding to each service code is analysed to produce a corresponding authority control table. The authority control table is the mapping from service codes to authorities; the authorities are fine-grained and consist of allowed and disallowed lists of databases, tables, fields, functions and operations.
3. For an SQL statement submitted by a user, the authority information is extracted, comprising the database, table, field, function and operation access information; the authority control table and the extracted access information are then combined to perform authority detection, and if unauthorized access exists, an SQL injection vulnerability is confirmed.
First, SQL injection detection system (system for short) based on fine-grained authority control
The system comprises a receiving module, an authority extraction module, an authority detection module, an alarm module, a service code table and an authority control table;
the interaction relationships are as follows:
the receiving module interacts with the service code table and the authority extraction module to receive the SQL statements submitted by users and to extract their service codes;
the authority extraction module interacts with the receiving module and the authority detection module to extract the authority access information;
the authority detection module interacts with the authority extraction module, the authority control table and the alarm module to detect SQL injection override operations;
the alarm module interacts with the authority detection module and the service code table to log SQL injection events, raise alarms and intercept the injected requests.
Second, SQL injection detection method (method for short) based on fine-grained authority control
The idea behind the method is as follows: a unique service code is generated for each SQL statement corresponding to each URL in the Web application that involves SQL statement execution; the SQL statement corresponding to each service code is analysed to generate a mapping table from service codes to fine-grained authorities; the authority access information in an SQL statement submitted by a user is extracted, the authority control table is queried and authority detection is carried out; if unauthorized access exists, an SQL injection vulnerability is confirmed.
Specifically, the method comprises the following steps:
firstly, for each URL in the Web application that involves SQL statement execution, a service code is assigned to each SQL statement corresponding to that URL, producing a service code table;
secondly, the SQL statement corresponding to each service code is analysed to produce a corresponding authority control table;
thirdly, for the SQL statements submitted by users, the authority information is extracted, the authority control table is queried and authority detection is carried out; if unauthorized access exists, an SQL injection vulnerability is confirmed.
The invention has the following advantages and positive effects:
Accuracy: being based on fine-grained authority control, the invention finds SQL injection attacks accurately and prevents user data from being leaked.
Expandability: when the Web application is upgraded, the authority control table can be updated conveniently, without modifying the structure of the system, to complete the corresponding upgrade; likewise, for a new SQL injection attack method, the authority control table can be updated to increase detection accuracy.
Wide adaptability: the invention can be applied to Web servers, middleware, database proxy servers and database servers.
Drawings
FIG. 1 is a block diagram showing the construction of the system;
FIG. 2 is a flow chart of the method.
Reference numerals:
11 - receiving module;
12 - authority extraction module;
13 - authority detection module;
14 - alarm module;
15 - service code table;
16 - authority control table.
Glossary of English terms
1. SQL: Structured Query Language, a database query and programming language used to access data and to query, update and manage relational database systems.
2. SQL injection: executing the operations desired by an attacker by building special inputs containing SQL syntax and passing them as parameters into the Web application.
3. Web: the World Wide Web, a system of many interlinked hypertext documents accessed through the Internet.
Detailed Description
The following detailed description refers to the accompanying drawings and examples:
First, system
1. Overview
As shown in FIG. 1, the system includes a receiving module 11, an authority extraction module 12, an authority detection module 13, an alarm module 14, a service code table 15 and an authority control table 16;
the interaction relationships are as follows:
the receiving module 11 interacts with the service code table 15 and the authority extraction module 12 to receive the SQL statements submitted by the user and to extract their service codes;
the authority extraction module 12 interacts with the receiving module 11 and the authority detection module 13 to extract the authority access information;
the authority detection module 13 interacts with the authority extraction module 12, the authority control table 16 and the alarm module 14 to detect SQL injection override operations;
the alarm module 14 interacts with the authority detection module 13 and the service code table 15 to log SQL injection events, raise alarms and intercept the injected requests.
2. Functional modules
1) Receiving module 11
The receiving module 11 implements data acquisition:
it receives the SQL statements submitted by users, extracts the service code from each statement, and sends the service code and the SQL statement to the authority extraction module 12 for further processing.
2) Authority extraction module 12
The authority extraction module 12 implements data processing:
it performs lexical analysis and syntactic analysis on the SQL statement and extracts the authority access information contained in it.
3) Authority detection module 13
The authority detection module 13 implements data processing:
it obtains the authority access information from the authority extraction module 12, obtains the authority control information corresponding to the service code from the authority control table 16, matches the two, and judges that SQL injection exists if unauthorized access is found.
4) Alarm module 14
The alarm module 14 implements event response:
it receives the detection result of the authority detection module 13, logs the relevant information of the SQL injection event, including the URL, the SQL statement and the violated authority, and raises an alarm in combination with the service code table 15. At the same time the request is intercepted, so that user data is not lost.
5) Service code table 15
The service code table 15 is a data storage structure:
it records the correspondence between service codes and SQL statements and contains the service code, the URL (uniform resource locator), the SQL statement template, the service code identification mark and similar information.
6) Authority control table 16
The authority control table 16 is a data storage structure:
it is the mapping from service codes to access rights and contains, for each service code, the databases on which operation is permitted, the databases on which operation is prohibited, the tables on which operation is permitted, the tables on which operation is prohibited, the permitted functions, the prohibited functions, the permitted fields, the prohibited fields, the permitted operations and the prohibited operations.
3. Working mechanism of the system
The system performs SQL injection detection on the basis of fine-grained authority control; the fine-grained authorities comprise the databases on which operation is allowed or prohibited, the tables on which operation is allowed or prohibited, the functions allowed or prohibited, the fields allowed or prohibited, and the operations allowed or prohibited.
The system's work is divided into a preparation phase and an implementation phase:
in the preparation phase, each SQL statement in the Web application is assigned a unique service code, producing the service code table 15. At the same time, the SQL statement corresponding to each service code is analysed, the authority control information is extracted, and the authority control table 16 is produced.
In the implementation phase, the receiving module 11 receives the SQL statement submitted by the user and extracts the service code from it. The authority extraction module 12 performs lexical analysis and syntactic analysis on the received SQL statement and extracts the authority access information. The authority detection module 13 obtains the authority access information from the authority extraction module 12, obtains the authority control information corresponding to the service code from the authority control table 16, matches the two, and judges that SQL injection exists if unauthorized access is found. Once SQL injection is detected, the alarm module 14 logs the information related to the SQL injection event, including the URL, the SQL statement and the violated authority, and raises an alarm. At the same time the request is intercepted, so that user data is not lost.
Second, method
Referring to FIG. 2, the method comprises the following steps:
1. Step (I) - S101
A. For each URL in the Web application that involves SQL statement execution, a service code is assigned to each SQL statement corresponding to that URL, producing a service code table;
B. the service code identifies an SQL statement within the Web application, and its assignment is unique: among all SQL statements corresponding to all URLs of the Web application, a single service code corresponds to one and only one SQL statement;
C. the service code table is a data storage structure comprising the service code, the URL, the SQL statement template and the service code identification mark;
D. the service code identification mark consists of one or more keywords that can be extracted from the URL and the HTTP message submitted by the user, and that can be associated with the corresponding service code and SQL statement;
E. the Web application may instead embed the service code in the SQL statement itself; when the SQL statement is received on the middleware or the database server, the service code can then be extracted directly from the statement, and no identification mark is needed;
F. for the SQL statement template "select title, author, source, content from exampledb.news where id = id" (the right-hand id standing for the request parameter), the corresponding service code table entry is exemplified as follows:
2. Step (II) - S102
a. The SQL statement corresponding to each service code is analysed to produce a corresponding authority control table;
b. the authority control table is a data storage structure, a mapping from service codes to authorities, containing the following information: the service code, the set of database names on which operation is allowed, and the set of database names on which operation is prohibited;
c. for each database in the set of database names on which operation is allowed, the authority control table contains: the set of table names on which operation is allowed, the set of table names on which operation is prohibited, the list of allowed functions and the list of prohibited functions;
d. for each database table in the set of table names on which operation is allowed, the authority control table contains: the set of allowed field names, the set of prohibited field names, the list of allowed operations and the list of prohibited operations;
e. as an example, the authority control table entry corresponding to the service code news_item_view is as follows:

Service code                                             news_item_view
Database on which operation is allowed                   exampledb
Database on which access is prohibited                   information_schema
Tables of database exampledb that may be accessed        news
Tables of database exampledb that may not be accessed    admin
Fields of table exampledb.news that may be accessed      title, author, source, content
Fields of table exampledb.news that may not be accessed  none
Functions allowed on table exampledb.news                none
Functions prohibited on table exampledb.news             Database(), Version(), User(), group_concat()
Operations allowed on table exampledb.news               select
Operations prohibited on table exampledb.news            insert, delete, update

3. Step (III) - S103
I. For the SQL statements submitted by a user, the authority information is extracted, the authority control table is queried and authority detection is carried out; if unauthorized access exists, an SQL injection vulnerability is confirmed;
II. the authority access information comprises: the service code and the set of database names operated on; for each database in that set, the set of table names operated on and the list of functions used; and for each table in that set, the list of field names operated on and the list of operations performed;
III. the extraction of authority access information can be realised through syntax analysis: lexical analysis and syntactic analysis are performed on the SQL statement to obtain the authority access information corresponding to it;
IV. the authority detection can be realised through the database: according to the authority control table, a database user with the corresponding authorities is pre-allocated in the database for each service code; after the user submits an SQL statement, it is executed under the identity of the pre-allocated database user corresponding to the service code; because that user's rights have been restricted, any unauthorized access will be detected by the database;
V. as an example, if the URL accessed by the user is "http://www.example.com/news.php?id=-1 union select admin,database(),3,password from admin" and the submitted SQL statement is "select title, author, source, content from exampledb.news where id = -1 union select admin, database(), 3, password from admin", then the extracted authority access information is as follows:

Databases operated on                              exampledb
Tables operated on                                 exampledb.news, exampledb.admin
Fields of table exampledb.news operated on         title, author, source, content
Fields of table exampledb.admin operated on        admin, password
Functions used on table exampledb.news             database()
Operations performed on table exampledb.news       select
Operations performed on table exampledb.admin      select

Matching this access information against the corresponding authority control table entry reveals the following unauthorized access:

Table accessed without authorization                               exampledb.admin
Fields of table exampledb.admin accessed without authorization     admin, password
Function used without authorization on table exampledb.admin       database()
Operation executed without authorization on table exampledb.admin  select

Therefore the HTTP request can be judged to be SQL injection.
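As an added illustration of steps S101 to S103 (example code written for this page, not the patent's own implementation): the receiving module's URL-to-service-code lookup is followed by the step IV variant of detection, in which the database itself refuses unauthorized access. SQLite's authorizer callback stands in for the rights-restricted database user that a server RDBMS would pre-allocate per service code; the table names, sample rows and the policy dictionary are constructed, "id" is added to the readable fields because the template's WHERE clause reads it, and group_concat() (on the page's prohibited list and available in SQLite) replaces database(), which SQLite does not implement.

```python
import sqlite3
from urllib.parse import urlsplit

# Constructed service code table (step S101): one entry per SQL statement template of the
# Web application. The identification mark is the URL path the receiving module matches.
SERVICE_CODE_TABLE = {
    "news_item_view": {
        "url": "http://www.example.com/news.php",
        "template": "select title, author, source, content from news where id = ?",
        "mark": "/news.php",
    },
}

# Constructed authority control table (step S102) for that service code. It follows the
# page's example except that "id" is added to the readable fields: the template's WHERE
# clause reads it, and a column-level right that omits it would reject the legitimate query.
AUTHORITY_CONTROL_TABLE = {
    "news_item_view": {
        "tables": {
            "news": {"fields": {"id", "title", "author", "source", "content"},
                     "operations": {"select"}},
        },
        "functions": set(),   # no function calls are allowed for this statement
    },
}


def service_code_for(url):
    """Receiving module: map the request URL to a service code via its identification mark."""
    path = urlsplit(url).path
    for code, entry in SERVICE_CODE_TABLE.items():
        if path.endswith(entry["mark"]):
            return code
    return None


def build_authorizer(policy, violations):
    """Turn one control-table row into an sqlite3 authorizer that denies everything outside it.
    Every refusal is appended to `violations` so the alarm module can log the violated right."""
    tables = policy["tables"]
    allowed_functions = {f.lower() for f in policy["functions"]}
    write_ops = {sqlite3.SQLITE_INSERT: "insert", sqlite3.SQLITE_UPDATE: "update",
                 sqlite3.SQLITE_DELETE: "delete"}

    def authorize(action, arg1, arg2, db_name, trigger):
        if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_TRANSACTION):
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ:            # arg1 = table, arg2 = column ("" = none)
            t = tables.get(arg1)
            if t and "select" in t["operations"] and (arg2 == "" or arg2 in t["fields"]):
                return sqlite3.SQLITE_OK
            violations.append(("read", arg1, arg2))
        elif action == sqlite3.SQLITE_FUNCTION:      # arg2 = function name
            name = (arg2 or "").lower()
            if name in allowed_functions:
                return sqlite3.SQLITE_OK
            violations.append(("function", name, None))
        elif action in write_ops:                    # arg1 = table
            t = tables.get(arg1)
            if t and write_ops[action] in t["operations"]:
                return sqlite3.SQLITE_OK
            violations.append((write_ops[action], arg1, None))
        else:                                        # DDL, PRAGMA, ATTACH, ...: never needed here
            violations.append(("other", str(action), None))
        return sqlite3.SQLITE_DENY

    return authorize


def execute_as_service(conn, service_code, sql, params=()):
    """Steps III/IV: run the submitted statement under the restricted identity pre-assigned to
    the service code. Returns (rows, violations); rows is None when the database refused it."""
    violations = []
    conn.set_authorizer(build_authorizer(AUTHORITY_CONTROL_TABLE[service_code], violations))
    try:
        rows = conn.execute(sql, params).fetchall()
    except sqlite3.DatabaseError:   # SQLite reports a denied action as "not authorized"
        rows = None
    return rows, violations


def make_db():
    """Constructed sample database: the news table the page serves and an admin table it must not touch."""
    conn = sqlite3.connect(":memory:", isolation_level=None)   # autocommit: no implicit BEGIN
    conn.executescript("""
        create table news(id integer primary key, title text, author text, source text, content text);
        insert into news values (1, 'Title 1', 'Alice', 'Wire', 'Body 1');
        create table admin(admin text, password text);
        insert into admin values ('root', 'constructed-secret');
    """)
    return conn


LEGIT_SQL = "select title, author, source, content from news where id = ?"
# The page's example payload, with group_concat() standing in for database().
INJECTED_SQL = ("select title, author, source, content from news where id = -1 "
                "union select admin, group_concat(password), 3, password from admin")

if __name__ == "__main__":
    conn = make_db()
    code = service_code_for("http://www.example.com/news.php?id=1")
    print(code, execute_as_service(conn, code, LEGIT_SQL, (1,)))
    print(code, execute_as_service(conn, code, INJECTED_SQL))
```

The second call returns no rows and a non-empty violation list naming the admin table, the group_concat() function and the password field, which is exactly the "violated authority" the alarm module logs.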

Claims (1)

1. A SQL injection detection method based on fine-grained authority control, comprising the following steps:
firstly, for each URL in the Web application that involves SQL statement execution, assigning a service code to each SQL statement corresponding to that URL, producing a service code table;
secondly, analysing the SQL statement corresponding to each service code to produce a corresponding authority control table;
thirdly, for the SQL statements submitted by users, extracting the authority information, querying the authority control table and carrying out authority detection, and if unauthorized access exists, confirming that an SQL injection vulnerability exists;
characterized in that:
the first step is as follows:
A. for each URL in the Web application that involves SQL statement execution, assigning a service code to each SQL statement corresponding to that URL, producing a service code table;
B. the service code identifies an SQL statement within the Web application, and its assignment is unique: among all SQL statements corresponding to all URLs of the Web application, a single service code corresponds to one and only one SQL statement;
C. the service code table is a data storage structure comprising the service code, the URL, the SQL statement template and the service code identification mark;
D. the service code identification mark consists of one or more keywords that can be extracted from the URL and the HTTP message submitted by the user, and that can be associated with the corresponding service code and SQL statement;
the third step is as follows:
I. for the SQL statements submitted by a user, extracting the authority information, querying the authority control table and carrying out authority detection, and if unauthorized access exists, confirming that an SQL injection vulnerability exists;
II. the authority access information comprises: the service code and the set of database names operated on; for each database in that set, the set of table names operated on and the list of functions used; and for each table in that set, the list of field names operated on and the list of operations performed;
III. extracting the authority access information is realised through syntax analysis: lexical analysis and syntactic analysis are performed on the SQL statement to obtain the authority access information corresponding to it;
IV. authority detection is realised through the database: according to the authority control table, a database user with the corresponding authorities is pre-allocated in the database for each service code; after the user submits an SQL statement, it is executed under the identity of the pre-allocated database user corresponding to the service code; because that user's rights have been restricted, any unauthorized access will be detected by the database.
Priority and filing date: 2017-09-20 (application CN201710848818.2A, "SQL injection detection system and method based on fine-grained authority control", status Active)

Publications (2)

Publication Number   Publication Date
CN107832618A         2018-03-23
CN107832618B         2019-12-24

Family ID: 61643411
Country status: CN (1), CN107832618B

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109766686A (en) * 2018-04-25 2019-05-17 新华三大数据技术有限公司 Rights management
CN110909355A (en) * 2018-09-17 2020-03-24 北京京东金融科技控股有限公司 Unauthorized vulnerability detection method, system, electronic device and medium
CN110321711B (en) * 2019-07-05 2021-01-29 杭州安恒信息技术股份有限公司 Method and system for detecting SQL injection point of application server
CN110532279A (en) * 2019-07-12 2019-12-03 平安普惠企业管理有限公司 Big data platform authority control method, device, computer equipment and storage medium
CN110598445B (en) * 2019-09-12 2022-05-20 金蝶蝶金云计算有限公司 Database access control method, system and related equipment
CN111651451A (en) * 2020-04-25 2020-09-11 复旦大学 Scene-driven single system micro-service splitting method
CN112115466B (en) * 2020-08-26 2021-05-14 广州锦行网络科技有限公司 Sql injection method bypassing select key words
CN112199677A (en) * 2020-11-03 2021-01-08 安徽中安睿御科技有限公司 Data processing method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101267357A (en) * 2007-03-13 2008-09-17 北京启明星辰信息技术有限公司 A SQL injection attack detection method and system
CN101901219A (en) * 2009-05-27 2010-12-01 北京启明星辰信息技术股份有限公司 Detection method for injection attack of database and system
CN103338208A (en) * 2013-07-16 2013-10-02 五八同城信息技术有限公司 Method and system for SQL injection and defense
CN104166812A (en) * 2014-06-25 2014-11-26 中国航天科工集团第二研究院七〇六所 Database safety access control method based on independent authorization
CN106469282A (en) * 2015-08-21 2017-03-01 阿里巴巴集团控股有限公司 data access authority control method and device
CN106991322A (en) * 2016-01-21 2017-07-28 北京启明星辰信息安全技术有限公司 The detection method and device of a kind of SQL SQL injection attack

Similar Documents

Publication Publication Date Title
CN107832618B (en) SQL injection detection system and method based on fine-grained authority control
CN107403106B (en) Database fine-grained access control method based on terminal user
Sadeghian et al. A taxonomy of SQL injection detection and prevention techniques
CN100476828C (en) Safety search engine system based on accessing control
CN111209565B (en) Horizontal override vulnerability detection method, equipment and computer readable storage medium
CN102567546B (en) Structured query language (SQL) injection detection method and SQL injection detection device
Tajpour et al. Web application security by sql injection detectiontools
CN103338208A (en) Method and system for SQL injection and defense
CN105229661A (en) Malware is determined based on signal mark
CN111488590A (en) SQL injection detection method based on user behavior credibility analysis
CN112199677A (en) Data processing method and device
CN111353151A (en) Vulnerability detection method and device for network application
CN107766342A (en) A kind of recognition methods of application and device
Wen et al. Detecting malicious websites in depth through analyzing topics and web-pages
Dhivya et al. Evaluation of Web Security Mechanisms Using Vulnerability &Sql Attack Injection
Shanmughaneethi et al. SBSQLID: Securing web applications with service based SQL injection detection
Kumar et al. Detection and Prevention of SQL Injection attack
CN114205118B (en) Data access control analysis method based on data security method category
Bedeković et al. The Importance of Developing Preventive Techniques for SQL Injection Attacks
KR20170025201A (en) Method and apparatus for automatic process of query
Melshiyan et al. Information Security Audit Using Open Source Intelligence Methods
CN114936369A (en) SQL injection attack active defense method, system and storage medium based on mark
Sun et al. Classification of SQL injection attacks
Singh et al. SQL Injection Attacks, Detection Techniques on Web Application Databases
Kusuma Analysis of SQL injection attacks on website service

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant