CN109408525A - A kind of agricultural data library SQL statement safety detection method and system - Google Patents
A kind of agricultural data library SQL statement safety detection method and system Download PDFInfo
- Publication number
- CN109408525A CN109408525A CN201811172028.8A CN201811172028A CN109408525A CN 109408525 A CN109408525 A CN 109408525A CN 201811172028 A CN201811172028 A CN 201811172028A CN 109408525 A CN109408525 A CN 109408525A
- Authority
- CN
- China
- Prior art keywords
- sql statement
- source
- white list
- sql
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a kind of agricultural data library SQL statement safety detection methods, comprising the following steps: (1) extracts the source SQL statement in database, syntactic analysis is carried out, if syntactic analysis mistake, terminates;Otherwise, the source SQL statement is judged whether in white list, if terminating in the existing white list;Otherwise, then morphological analysis is carried out;(2) if morphological analysis mistake, terminates;Otherwise, source SQL statement is added in white list, and generates the word structure under the SQL statement of source with reference count;(3) multiple SQL statements of the table comprising identical table structure in current white list with the access of source SQL statement are acquired, under the SQL statement different length of source word structure and white list in the word structure comparison match of multiple SQL statements taken out, and then judge whether source SQL statement is safe access sentence.The present invention can not can stop safely the SQL statement of dynamic splicing again, to guarantee the normal use and safety in backstage agricultural data library.
Description
Technical field
The present invention relates to database security fields, and in particular to a kind of agricultural data library SQL statement safety detection method and
System.
Background technique
Agriculture back-end data has been a concern safely, and data have derived numerous peaces among outer net and the interaction of data library
Full product, database firewall are the important safety products of one type.The class that database firewall is realized is more, mostly
It realizes such as feature database, white list, blacklist, SQL injection defence, limit update and delete, limit the update without where and delete
The high risky operation such as remove, limit create, drop.
However two states impossible to exhaust are always existed for white list:
One, not can guarantee can be equal all SQL statements involved by complicated operation system within the regular hour
Record becomes white list.
Two, there is the splicing for being difficult to exhaustion in the attribute conditions of back-end data such as agriculture for a large amount of business, only with 10 kinds
Attribute can generate 210Kind SQL statement.
The current programme of exhaustion is difficult to for SQL:
One, directly intercepted not in WhiteList since SQL statement does not learn to arrive.This can allow database firewall
The operation for intercepting a large amount of safety in fact, causes business largely to be influenced, for there is the operation system largely spliced,
Cause significantly business paralysis.
Though two, not learning to arrive, also do not intercept.In this way operation lose white list record meaning, cause it is some not by
The additions and deletions of permission, which change, looks into sentence and is all cleared, and there are security risks.And if these sentences be all frequently added to it is new
In WhiteList, and it is extremely huge, influence performance.
Summary of the invention
Goal of the invention: for overcome the deficiencies in the prior art, the present invention provides a kind of agricultural data library SQL statement and examines safely
Method and system are surveyed, white list is solved and always exists state impossible to exhaust and to the sentence clearance bring not being allowed to
Security risk influences the problem of database performance.
Technical solution: one side, agricultural data library SQL statement safety detection method of the present invention, this method include
Following steps:
(1) the source SQL statement in database is extracted, syntactic analysis is carried out according to its relevant information, if syntactic analysis is wrong
Accidentally, then terminate;
Otherwise, then the source SQL statement is judged whether in white list, if terminating in the existing white list;
Otherwise, then morphological analysis is carried out;
(2) if morphological analysis mistake, terminates;
Otherwise, then the source SQL statement is added in white list, and generated under the source SQL statement with reference count
Word structure;
(3) multiple SQL languages of the table comprising identical table structure in current white list with source SQL statement access are acquired
Sentence, the word structure under the source SQL statement different length compared with the word structure of the multiple SQL statements taken out in white list
Match, and then judges whether the source SQL statement is safe access sentence;
(4) qualified source SQL statement is added in white list for step described in iteration (1)~(3).
Preferably, the relevant information of the source SQL statement includes the length of SQL statement, the HASH value of generation, reference meter
Number, table relation list and table are counted.
Preferably, in the step (1), syntactic analysis includes the syntax rule according to database, to the source SQL statement
Carry out the analysis and syntax check of grammatical category.
Preferably, in the step (2), morphological analysis includes being scanned to each character of SQL statement, according to described
The word-building rule identification character of database simultaneously carries out qualitative and fixed length processing to the character identified.
Preferably, the step (3) specifically includes the following steps:
(21) table, field information and the length of the source SQL statement access are acquired, and is mapped as the structure of HASH relationship;
(22) several SQL statements with the source SQL statement comprising identical table structure are taken out from the white list;
(23) word structure of different length is generated to source SQL statement;
(24) several SQL statements that circulation compares white list taking-up correspond to the multiple-length word knot of word structure and source SQL statement
Structure, if the corresponding HASH value of two SQL statements compared is consistent, successful match;
(25) the source SQL statement is generated the structure of new HASH relationship, be stored in white list.
On the other hand, the present invention also provides a kind of agricultural data library SQL statement safety detecting systems, comprising:
Sentence extraction module, for extracting a source SQL statement from database;
Syntax Analysis Module for carrying out syntactic analysis to it according to the relevant information of the source SQL statement, and judges institute
Whether the source SQL statement of stating is in white list;
Lexical Analysis Module for carrying out morphological analysis to the source SQL statement, and generates band under the SQL statement and draws
With the word structure of counting;
Word structure matching module includes identical table with the table of source SQL statement access for acquiring in current white list
Multiple SQL statements of structure, under the source SQL statement different length word structure and white list in multiple SQL languages for taking out
The word structure comparison match of sentence, and then judge whether the source SQL statement is safe access sentence;
Iterative learning module is used for the above-mentioned module of iteration, so that qualified source SQL statement is added in white list.
Preferably, in the syntax Analysis Module, the relevant information of source SQL statement includes the length of SQL statement, generates
HASH value, reference count, table relation list and table are counted.
Preferably, in the syntax Analysis Module, syntactic analysis includes the syntax rule according to database, to the source
The analysis and syntax check of SQL statement progress grammatical category.
Preferably, in the Lexical Analysis Module, morphological analysis includes being scanned to each character of SQL statement, root
Character is identified according to the word-building rule of the database and qualitative and fixed length processing is carried out to the character identified.
Preferably, the word structure matching module, specifically includes following submodule:
Information acquisition module for acquiring table, field information and the length of the source SQL statement access, and is mapped as
The structure of HASH relationship;
White list sentence takes out module, includes identical table knot with the source SQL statement for taking out from the white list
Several SQL statements of structure;
Multiple-length word structure generation module, for generating the word structure of different length to source SQL statement;
HASH value comparison module, for recycle compare white list taking-up several SQL statements correspond to word structure and source SQL language
The multiple-length word structure of sentence, if the corresponding HASH value of two SQL statements compared is consistent, successful match;
Sentence is stored in module, for the source SQL statement being generated the structure of new HASH relationship, is stored in white list.
The utility model has the advantages that compared with prior art, the present invention its remarkable advantage is: 1, the present invention is carried out according to SQL statement
Syntactic analysis, morphological analysis and word structure matching can not can stop safely the SQL statement of dynamic splicing again, thus after guaranteeing
The normal use and safety in platform agricultural data library;2, the present invention realizes the data peace in the protection agricultural data library of more high safety strategy
Entirely, it allows normal data to extract SQL to be protected, simultaneously for crossing the border, unsafe SQL access operation is intercepted, and ensures system
The normal operation of system.
Detailed description of the invention
Fig. 1 is method flow diagram of the present invention;
Fig. 2 is SQL statement filtered model flow chart of the present invention;
Fig. 3 is white list SQL analysis flow chart diagram of the present invention;
Fig. 4 is system structure diagram of the present invention;
Fig. 5 is the structural schematic diagram of word structure matching module of the present invention.
Specific embodiment
Such as Fig. 1, on the one hand, the present invention provides a kind of agricultural data library SQL statement safety detection method, number described below
It is general MYSQL according to library, the relevant relevant database of ORACLE, protection is the relevant database security of agricultural, comprising:
Step 1 examines the permission whether there is or not access database table to do and pacify to the SQL of characteristic matching by strong access strategy
Whole school tests, and guarantees that safe SQL can be acquired dynamically, and illegal SQL access can be intercepted normally, and acquisition SQL can
With a HASH mapping determine that agriculture background data base can be had secure access to, improve efficiency.
The present invention acquires the word structure information in length range existing for current system first, original structure is splitted into a variety of etc.
Long word structure comparison match therewith, and then judge whether original SQL is safe access sentence.Sentence carry out morphological analysis it
Afterwards, the information that will acquire the sentence determines that it is legal sentence, will automatic collection in white list (WhiteList),
Continuous study in this way, generates the white list come.
A source SQL statement in step 2, extraction database, carries out syntactic analysis according to its relevant information, according to database
Syntax rule, to source SQL statement carry out grammatical category analysis and syntax check, if syntactic analysis mistake, terminates;It is no
Then, then source SQL statement is judged whether in white list, if terminating in existing white list;If it does not exist, then morphology is carried out
Analysis.The relevant information of source SQL statement include the length of SQL statement, the HASH value of generation, reference count, table relation list with
And table is counted.
Disparate databases syntax rule has consensus standard, so that the syntax rule of corresponding disparate databases can give birth to
At different syntax tree modules, Lex can be used according to database syntax rule, the tools automatic code generating such as Lacc can also
To manually generate.
As shown in Fig. 2, morphological analysis include to SQL statement from left to right character is scanned one by one, according to database
Word-building rule identification character and qualitative and fixed length processing is carried out to the character identified, i.e. SQL forms sentence by several words,
It is to have space between each word, the root in grammer is extracted, then the new construction of several word composition fixed length, to generates spy
Fixed HASH value can be used to qualitatively judge.Lex can be used in lexical analyzer, and the tools such as Lacc automatically generate, can also be with
Manually generate, mainly judge the SQL statement whether in blacklist, and enter SQL injection analyze and determine, SQL table sensibility analysis,
It is final to carry out white list judgement.
If step 3, morphological analysis mistake, terminate;Otherwise, then source SQL statement is added in white list, and generates source
It is to allow the sql of high frequency that can be placed on queue position more preferably with reference count with the word structure of reference count under SQL statement
It sets and is retrieved, improve efficiency.
Multiple SQL statements of the table comprising identical table structure accessed in step 4, the current white list of acquisition with source SQL statement,
Under the SQL statement different length of source word structure and white list in the word structure comparison match of multiple SQL statements taken out, according to
Unanimously whether multiple word structures generate HASH and compare, to judge.And then judge whether source SQL statement is safe access language
Sentence.
As shown in figure 3, concrete analysis the following steps are included:
(21) table, field information and the length of the source SQL statement access are acquired, and is mapped as the structure of HASH relationship;
(22) several SQL statements with source SQL statement comprising identical table structure are taken out from white list;Identical table structure is
Refer to that root quantity is identical, the HASH value of root combination producing is consistent, while the table structure operated in SQL statement is identical.
(23) sentence spliced for attribute in SQL, word length are variations, extract the word structure of different length, next life
At corresponding word structure, the word structure of different length is generated to source SQL statement.
(24) several SQL statements that circulation compares white list taking-up correspond to the multiple-length word knot of word structure and source SQL statement
Structure, if the corresponding HASH value of two SQL statements compared is consistent, successful match;
(25) source SQL statement is generated new HASH structure, be stored in white list.
Qualified source SQL statement is added in white list for step 5, iterative step (1)~(4).
Since there are many granularity of sentence safety, preliminary safety is whether sentence has apparent injection loophole.Exist simultaneously
Under this safety, it is understood that there may be the table that does not allow of operation, the accessing database data content or sentence perhaps gone beyond one's commission it is legal but
It is there are other risks etc., this is all further safety analysis.
Explain the purposes of record field and crucial list first, the record of SQL length, for pattern match, reference count
Device is in order to dynamically adjust list, increase high frequency SQL hit rate, the number of table applicating counter, table in order to determine new SQL operation
Table structure list, amount which table of concrete operations is recorded, the sequence of SQL in timed thread, dynamic adjustment list, according to one
In section timing node, using the sequence permutation algorithm of applicating counter priority, the SQL statement that mode of learning does not learn before this
Reference counter effect, for it is subsequent can be reached with safety, applicating counter certain number be defined as high-frequency operation,
Generate new white list, i.e., the reason of generation not in safety: prevent from causing the study of a large amount of low frequency SQL, index it is sudden and violent
Increase, thus the performance of entire effect database firewall (Database FireWall), for not passing through addition in certain frequency
Blacklist library needs to block to this kind of suspicious sentence.Study for each SQL statement needs to record the length of SQL statement
Information, the hash value of generation, reference count, table counting, table relation list etc..After pattern switching, no longer learn new SQL
Sentence.
It is as follows by the Sentence analysis process of Database FireWall: step 1: generating HASH to this SQL, to determine
Among WhiteList, arrives, then pass through, if not learning to arrive, into next step if there is study is represented.
Step 2: generating related data structures to this SQL, SQL length is recorded, the relevant information etc. of table is operated.Step 3: in target
Corresponding WhiteList is generated in SQL length range, does not need additional copy, it is only necessary to which an additional pointer is directed toward SQL
Element in the corresponding WhiteList of length limit intercepts corresponding length from target SQL respectively in WhiteList circulation
New SQL, corresponding HashKey and WhiteList Match of elemental composition is generated, enters next operation if there is hit, if do not deposited
It in being then put into suspicious SQL queue, does not let pass, and increases the SQL reference count.Step 4: successful match, this step needs pair
The table quantity of target SQL operation and related table name matching, it fails to match records, and enters in next step if success.Step 5: right
Condition after SQL successful match is analyzed, if there are it is additional it is nested, forever true, never the illegal logic such as set up, if not
In the presence of counter adds 1, records this sentence, counter judges whether to be greater than constant value, if more than new white name is then generated
It is single, otherwise directly let pass.
On the other hand, the present invention also provides a kind of agricultural data library SQL statement safety detecting systems, as shown in figure 4, packet
It includes:
Sentence extraction module, for extracting a source SQL statement from database;
Syntax Analysis Module for carrying out syntactic analysis to it according to the relevant information of the source SQL statement, and judges institute
Whether the source SQL statement of stating is in white list;The relevant information of source SQL statement include the length of SQL statement, the HASH value of generation,
Reference count, table relation list and table are counted.
Lexical Analysis Module is right according to the syntax rule of database for carrying out morphological analysis to the source SQL statement
Source SQL statement carries out the analysis and syntax check of grammatical category, and generates the word structure under the SQL statement with reference count;
Method analysis includes being scanned to each character of SQL statement, identifies character according to the word-building rule of the database and to knowledge
Not Chu the character carry out qualitative and fixed length processing.
Word structure matching module includes identical table with the table of source SQL statement access for acquiring in current white list
Multiple SQL statements of structure, under the source SQL statement different length word structure and white list in multiple SQL languages for taking out
The word structure comparison match of sentence, and then judge whether the source SQL statement is safe access sentence.
Iterative learning module is used for the above-mentioned module of iteration, so that qualified source SQL statement is added in white list.
As shown in figure 5, word structure module specifically includes following submodule:
Information acquisition module for acquiring table, field information and the length of the source SQL statement access, and is mapped as
The structure of HASH relationship;
White list sentence takes out module, includes the several of identical table structure with source SQL statement for taking out from white list
SQL statement;
Multiple-length word structure generation module, for generating the word structure of different length to source SQL statement;
HASH value comparison module, for recycle compare white list taking-up several SQL statements correspond to word structure and source SQL language
The multiple-length word structure of sentence, if the corresponding HASH value of two SQL statements compared is consistent, successful match;
Sentence is stored in module, for the source SQL statement being generated the structure of new HASH relationship, is stored in white list.
Claims (10)
1. a kind of agricultural data library SQL statement safety detection method, which is characterized in that method includes the following steps:
(1) the source SQL statement in database is extracted, syntactic analysis is carried out according to its relevant information, if syntactic analysis mistake,
Terminate;
Otherwise, then the source SQL statement is judged whether in white list, if terminating in the existing white list;
Otherwise, then morphological analysis is carried out;
(2) if morphological analysis mistake, terminates;
Otherwise, then the source SQL statement is added in white list, and generates the word knot under the source SQL statement with reference count
Structure;
(3) multiple SQL statements of the table comprising identical table structure in current white list with source SQL statement access are acquired,
The word structure comparison match of the multiple SQL statements taken out in word structure and white list under the source SQL statement different length, into
And judge whether the source SQL statement is safe access sentence;
(4) qualified source SQL statement is added in white list for step described in iteration (1)~(3).
2. agricultural data library SQL statement safety detection method according to claim 1, which is characterized in that the source SQL language
The relevant information of sentence includes that the length of SQL statement, the HASH value of generation, reference count, table relation list and table are counted.
3. agricultural data library SQL statement safety detection method according to claim 1, which is characterized in that the step (1)
In, syntactic analysis includes the syntax rule according to database, carries out the analysis of grammatical category to the source SQL statement and grammer is examined
It looks into.
4. agricultural data library SQL statement safety detection method according to claim 1, which is characterized in that the step (2)
In, morphological analysis includes being scanned to each character of SQL statement, identifies character simultaneously according to the word-building rule of the database
Qualitative and fixed length processing is carried out to the character identified.
5. agricultural data library SQL statement safety detection method according to claim 1, which is characterized in that the step (3)
Specifically includes the following steps:
(21) table, field information and the length of the source SQL statement access are acquired, and is mapped as the structure of HASH relationship;
(22) several SQL statements with the source SQL statement comprising identical table structure are taken out from the white list;
(23) word structure of different length is generated to source SQL statement;
(24) several SQL statements that circulation compares white list taking-up correspond to the multiple-length word structure of word structure and source SQL statement, if
The corresponding HASH value of two SQL statements compared is consistent, then successful match;
(25) the source SQL statement is generated the structure of new HASH relationship, be stored in white list.
6. a kind of agricultural data library SQL statement safety detecting system characterized by comprising
Sentence extraction module, for extracting a source SQL statement from database;
Syntax Analysis Module for carrying out syntactic analysis to it according to the relevant information of the source SQL statement, and judges the source
Whether SQL statement is in white list;
Lexical Analysis Module for carrying out morphological analysis to the source SQL statement, and generates band reference meter under the SQL statement
Several word structures;
Word structure matching module includes identical table structure with the table of source SQL statement access for acquiring in current white list
Multiple SQL statements, under the source SQL statement different length word structure and white list in multiple SQL statements for taking out
Word structure comparison match, and then judge whether the source SQL statement is safe access sentence;
Iterative learning module is used for the above-mentioned module of iteration, so that qualified source SQL statement is added in white list.
7. agricultural data library SQL statement safety detecting system according to claim 6, which is characterized in that the grammer point
It analyses in module, the relevant information of source SQL statement includes the length of SQL statement, the HASH value of generation, reference count, table relationship column
Table and table are counted.
8. agricultural data library SQL statement safety detecting system according to claim 6, which is characterized in that the grammer point
Analyse module in, syntactic analysis includes the syntax rule according to database, to the source SQL statement carry out grammatical category analysis and
Syntax check.
9. agricultural data library SQL statement safety detecting system according to claim 6, which is characterized in that the morphology point
It analyses in module, morphological analysis includes being scanned to each character of SQL statement, is identified according to the word-building rule of the database
Character simultaneously carries out qualitative and fixed length processing to the character identified.
10. agricultural data library SQL statement safety detecting system according to claim 6, which is characterized in that the word structure
Matching module specifically includes following submodule:
Information acquisition module for acquiring table, field information and the length of the source SQL statement access, and is mapped as the pass HASH
The structure of system;
White list sentence takes out module, includes identical table structure with the source SQL statement for taking out from the white list
Several SQL statements;
Multiple-length word structure generation module, for generating the word structure of different length to source SQL statement;
HASH value comparison module compares several SQL statements of white list taking-up and corresponds to word structure and source SQL statement for recycling
Multiple-length word structure, if the corresponding HASH value of two SQL statements compared is consistent, successful match;
Sentence is stored in module, for the source SQL statement being generated the structure of new HASH relationship, is stored in white list.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811172028.8A CN109408525A (en) | 2018-10-09 | 2018-10-09 | A kind of agricultural data library SQL statement safety detection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811172028.8A CN109408525A (en) | 2018-10-09 | 2018-10-09 | A kind of agricultural data library SQL statement safety detection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109408525A true CN109408525A (en) | 2019-03-01 |
Family
ID=65466243
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811172028.8A Pending CN109408525A (en) | 2018-10-09 | 2018-10-09 | A kind of agricultural data library SQL statement safety detection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109408525A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111190969A (en) * | 2019-12-23 | 2020-05-22 | 苏州银丰睿哲信息科技有限公司 | Metadata flow direction analysis method and system |
| CN112989403A (en) * | 2019-12-18 | 2021-06-18 | 拓尔思天行网安信息技术有限责任公司 | Method, device and equipment for detecting database destruction and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103365963A (en) * | 2013-06-20 | 2013-10-23 | 广州赛姆科技资讯有限公司 | Method for quickly testing compliance by database auditing system |
| US9098722B2 (en) * | 2013-03-15 | 2015-08-04 | Prevoty, Inc. | Systems and methods for parsing user-generated content to prevent attacks |
| CN106294401A (en) * | 2015-05-21 | 2017-01-04 | 阿里巴巴集团控股有限公司 | Automatically the method and device in SQL list storehouse is set up |
| CN107563193A (en) * | 2017-08-28 | 2018-01-09 | 深信服科技股份有限公司 | Access and control strategy of database method and system based on SQL templates |
-
2018
- 2018-10-09 CN CN201811172028.8A patent/CN109408525A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9098722B2 (en) * | 2013-03-15 | 2015-08-04 | Prevoty, Inc. | Systems and methods for parsing user-generated content to prevent attacks |
| CN103365963A (en) * | 2013-06-20 | 2013-10-23 | 广州赛姆科技资讯有限公司 | Method for quickly testing compliance by database auditing system |
| CN106294401A (en) * | 2015-05-21 | 2017-01-04 | 阿里巴巴集团控股有限公司 | Automatically the method and device in SQL list storehouse is set up |
| CN107563193A (en) * | 2017-08-28 | 2018-01-09 | 深信服科技股份有限公司 | Access and control strategy of database method and system based on SQL templates |
Non-Patent Citations (1)
| Title |
|---|
| 蒋磊: ""基于机器学习的SQL注入检测技术研究"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112989403A (en) * | 2019-12-18 | 2021-06-18 | 拓尔思天行网安信息技术有限责任公司 | Method, device and equipment for detecting database destruction and storage medium |
| CN112989403B (en) * | 2019-12-18 | 2023-09-29 | 拓尔思天行网安信息技术有限责任公司 | Database damage detection method, device, equipment and storage medium |
| CN111190969A (en) * | 2019-12-23 | 2020-05-22 | 苏州银丰睿哲信息科技有限公司 | Metadata flow direction analysis method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9519774B2 (en) | Systems and methods for SQL query constraint solving | |
| CN106250769B (en) | A kind of the source code data detection method and device of multistage filtering | |
| CN107292170B (en) | Method, device and system for detecting SQL injection attack | |
| CN109684840A (en) | Based on the sensitive Android malware detection method for calling path | |
| US20220019658A1 (en) | Systems and methods for improving accuracy in recognizing and neutralizing injection attacks in computer services | |
| US9697058B2 (en) | Method, computer program and apparatus for controlling access to a computer resource and obtaining a baseline therefor | |
| US8863301B2 (en) | Classification of an electronic document | |
| CN107844705A (en) | Third party's component leak detection method based on binary code feature | |
| CN108959926A (en) | A kind of detection method of SQL injection attack | |
| CN107273752B (en) | Vulnerability automatic classification method based on word frequency statistics and naive Bayes fusion model | |
| CN109246064A (en) | Safe access control, the generation method of networkaccess rules, device and equipment | |
| CN111581355A (en) | Method, device and computer storage medium for detecting subject of threat intelligence | |
| US20230092159A1 (en) | Label guided unsupervised learning based network-level application signature generation | |
| CN107239694A (en) | A kind of Android application permissions inference method and device based on user comment | |
| US20140358923A1 (en) | Systems And Methods For Automatically Determining Text Classification | |
| Wang et al. | Detection method of SQL injection attack in cloud computing environment | |
| CN109408525A (en) | A kind of agricultural data library SQL statement safety detection method and system | |
| US10002254B2 (en) | Systems and methods for SQL type evaluation to detect evaluation flaws | |
| US9600644B2 (en) | Method, a computer program and apparatus for analyzing symbols in a computer | |
| US10025936B2 (en) | Systems and methods for SQL value evaluation to detect evaluation flaws | |
| CN106020923B (en) | SELinux strategy compiling method and system | |
| US20070185703A1 (en) | Method, Computer Program and Apparatus for Analysing Symbols in a Computer System | |
| WO2017049254A1 (en) | Systems and methods for sql type and/or value evaluation to detect evaluation flaws | |
| CN107463845A (en) | A kind of detection method, system and the computer-processing equipment of SQL injection attack | |
| CN109558418A (en) | A kind of method of automatic identification information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190301 |
|
| RJ01 | Rejection of invention patent application after publication |