CN108632263A - 一种sql注入点的检测方法 - Google Patents
一种sql注入点的检测方法 Download PDFInfo
- Publication number
- CN108632263A CN108632263A CN201810379978.1A CN201810379978A CN108632263A CN 108632263 A CN108632263 A CN 108632263A CN 201810379978 A CN201810379978 A CN 201810379978A CN 108632263 A CN108632263 A CN 108632263A
- Authority
- CN
- China
- Prior art keywords
- request
- database
- frequent
- web
- detection method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810379978.1A CN108632263A (zh) | 2018-04-25 | 2018-04-25 | 一种sql注入点的检测方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810379978.1A CN108632263A (zh) | 2018-04-25 | 2018-04-25 | 一种sql注入点的检测方法 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108632263A true CN108632263A (zh) | 2018-10-09 |
Family
ID=63694450
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810379978.1A Pending CN108632263A (zh) | 2018-04-25 | 2018-04-25 | 一种sql注入点的检测方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108632263A (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112069498A (zh) * | 2020-09-21 | 2020-12-11 | 全球能源互联网研究院有限公司 | 一种sql注入检测模型构建方法及检测方法 |
CN115314255A (zh) * | 2022-07-11 | 2022-11-08 | 深信服科技股份有限公司 | 攻击结果的检测方法、装置、计算机设备和存储介质 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101388899A (zh) * | 2007-09-12 | 2009-03-18 | 北京启明星辰信息技术有限公司 | 一种Web服务器前后台关联审计方法及系统 |
CN102043841A (zh) * | 2010-12-10 | 2011-05-04 | 上海市城市建设设计研究院 | 基于Web技术的多源信息供给方法及其集成服务系统 |
CN102185930A (zh) * | 2011-06-09 | 2011-09-14 | 北京理工大学 | 一种sql注入漏洞检测方法 |
CN103530564A (zh) * | 2013-09-24 | 2014-01-22 | 国家电网公司 | 一种sql注入漏洞测试与验证方法及系统 |
CN104484474A (zh) * | 2014-12-31 | 2015-04-01 | 南京盾垒网络科技有限公司 | 数据库安全审计方法 |
-
2018
- 2018-04-25 CN CN201810379978.1A patent/CN108632263A/zh active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101388899A (zh) * | 2007-09-12 | 2009-03-18 | 北京启明星辰信息技术有限公司 | 一种Web服务器前后台关联审计方法及系统 |
CN102043841A (zh) * | 2010-12-10 | 2011-05-04 | 上海市城市建设设计研究院 | 基于Web技术的多源信息供给方法及其集成服务系统 |
CN102185930A (zh) * | 2011-06-09 | 2011-09-14 | 北京理工大学 | 一种sql注入漏洞检测方法 |
CN103530564A (zh) * | 2013-09-24 | 2014-01-22 | 国家电网公司 | 一种sql注入漏洞测试与验证方法及系统 |
CN104484474A (zh) * | 2014-12-31 | 2015-04-01 | 南京盾垒网络科技有限公司 | 数据库安全审计方法 |
Non-Patent Citations (2)
Title |
---|
张登峰: "《基于机器学习的SQL注入检测》", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
蒋磊: "《基于机器学习的SQL注入检测技术研究》", 《中国优秀硕士学位论文全文数据库信息科技辑 》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112069498A (zh) * | 2020-09-21 | 2020-12-11 | 全球能源互联网研究院有限公司 | 一种sql注入检测模型构建方法及检测方法 |
CN112069498B (zh) * | 2020-09-21 | 2023-11-21 | 全球能源互联网研究院有限公司 | 一种sql注入检测模型构建方法及检测方法 |
CN115314255A (zh) * | 2022-07-11 | 2022-11-08 | 深信服科技股份有限公司 | 攻击结果的检测方法、装置、计算机设备和存储介质 |
CN115314255B (zh) * | 2022-07-11 | 2023-12-29 | 深信服科技股份有限公司 | 攻击结果的检测方法、装置、计算机设备和存储介质 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yu et al. | Deescvhunter: A deep learning-based framework for smart contract vulnerability detection | |
US11030203B2 (en) | Machine learning detection of database injection attacks | |
CN107392016A (zh) | 一种基于代理的Web数据库攻击行为检测系统 | |
CN107273751A (zh) | 基于多模式匹配的安全漏洞在线发现方法 | |
US20150207811A1 (en) | Vulnerability vector information analysis | |
CN107292167A (zh) | 基于精简语法树的sql语句安全检测方法 | |
CN103164515B (zh) | 计算机系统涉密文件知识库搜索方法 | |
CN104766015B (zh) | 一种基于函数调用的缓冲区溢出漏洞动态检测方法 | |
CN107608732A (zh) | 一种基于bug知识图谱的bug搜索定位方法 | |
CN105045715B (zh) | 基于编程模式和模式匹配的漏洞聚类方法 | |
CN107832618A (zh) | 一种基于细粒度权限控制的sql注入检测系统及其方法 | |
CN112069498B (zh) | 一种sql注入检测模型构建方法及检测方法 | |
CN111488590A (zh) | 一种基于用户行为可信分析的sql注入检测方法 | |
CN113297580B (zh) | 基于代码语义分析的电力信息系统安全防护方法及装置 | |
CN103366120A (zh) | 基于脚本的漏洞攻击图生成方法 | |
CN115658080A (zh) | 一种软件开源代码成分的识别方法及系统 | |
ÐURIĆ | WAPTT-Web application penetration testing tool | |
CN108632263A (zh) | 一种sql注入点的检测方法 | |
Boffa et al. | Towards NLP-based processing of honeypot logs | |
Xiao et al. | SQL injection attack detection method using expectation criterion | |
CN112817877B (zh) | 异常脚本检测方法、装置、计算机设备和存储介质 | |
Shang et al. | A framework to construct knowledge base for cyber security | |
CN109902012A (zh) | 一种自动化生成服务器测试报告的方法及装置 | |
He et al. | Auto-Tag: Tagging-Data-By-Example in Data Lakes | |
CN108959935B (zh) | 一种漏洞插件批量执行方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: Room 612, Building 5, No. 998 Wenyi West Road, Yuhang District, Hangzhou City, Zhejiang Province, 311100 Applicant after: Hangzhou flash Mdt InfoTech Ltd Address before: Room 612, Building 5, No. 998 Wenyi West Road, Yuhang District, Hangzhou City, Zhejiang Province, 311100 Applicant before: Hangzhou flash press information Polytron Technologies Inc |
|
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 310000 Room 608, Building No. 998 Wenyi West Road, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province Applicant after: Hangzhou flash Mdt InfoTech Ltd Address before: Room 612, Building 5, No. 998 Wenyi West Road, Yuhang District, Hangzhou City, Zhejiang Province, 311100 Applicant before: Hangzhou flash Mdt InfoTech Ltd |
|
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 310000 Room 608, building 5, No. 998, Wenyi West Road, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province Applicant after: Flash it Co., Ltd Address before: 310000 Room 608, building 5, No. 998, Wenyi West Road, Wuchang Street, Yuhang District, Hangzhou City, Zhejiang Province Applicant before: HANGZHOU SECSMART INFORMATION TECHNOLOGY Co.,Ltd. |
|
CB02 | Change of applicant information | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181009 |
|
RJ01 | Rejection of invention patent application after publication |