A Syntax Tree Feature-Based Matching Approach For Sql-Injecton Detection

2011 INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTATION AND INDUSTRIAL APPLICATION (ICIA2011), VOL II(2011)

引用 0|浏览1
暂无评分
摘要
eWith the deepening of informatization construction, Web architecture is widely used in various fields. While presenting convenience, these new technologies also introduce great security risks. Web security has been a serious problem for information security, and SQL-injection is one of the most common means of attack against Web services. SQL Injection often changes the structure of SQL statements. In this paper, we have proposed a syntax tree feature-based matching approach to counter SQL Injection. Our approach can learn automatically the structure feature of all legal SQL statements to construct knowledge library based on SQL syntax tree in a safe environment, and then match every SQL statement with knowledge library to find whether the structural feature has been changed in real environments. Experimental results prove that this proposed approach holds good performance and perfect protection for SQL Injection.
更多
查看译文
关键词
SQL-Injecton,self-learning,systax-tree,pattern-marthing
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要