SQL injection audit or protection method and device based on database protocol

A database-protocol technology, applied in the field of information security, that addresses problems such as the high false positive rate of existing SQL injection audit methods and the lack of an effective solution to it.

Active Publication Date: 2017-12-12
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] The above SQL injection audit technologies have the following problems: (1) the list of suspicious risk points produced by static code auditing is often very large, requires a great deal of manual analysis, and has a very high false positive rate; (2) in dynamic code auditing, because the user's input variables pass through various processing logic, a value may reach a dangerous function and still produce no abnormal final result, so this method also yields many false positives; (3) in the method that uses regular expressions for pattern matching, the expressions are kept loose so that normal business traffic is not affected, which makes it easy for intruders to bypass the matching; therefore this method also has a high false positive rate.
[0005] For the technical problem of the high false positive rate in the above traditional SQL injection auditing and protection methods, no effective solution exists in the prior art.



Examples


Embodiment 1

[0046] A SQL injection audit or protection method based on a database protocol, provided by an embodiment of the present invention and shown in figure 1, includes:

[0047] Step S102, obtaining the data packet sent by the database server according to the preset database protocol, wherein the data packet is a data packet responding to the information requested by the client;

[0048] Step S104, analyzing the data packet according to the data format of the preset database protocol to determine the response result of the database server to the request information;

[0049] Step S106, based on the response result, determine the dangerous access interface for accessing the database server caused by the SQL injection, so as to block the access request for accessing the dangerous access interface.

[0050] It should be noted that various database servers have preset database protocols for transmitting network data. The response result of the above-mentioned database server...
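As an added illustration of steps S102 to S106 (example code, not from the patent or its assignee), the following parses MySQL-protocol server responses, classifies each into an OK or ERR result, and flags the client access interface that repeatedly produces syntax or unknown-column errors so that a protection device could block further requests to it. The choice of MySQL, the error-code heuristic, the threshold, the interface names and the packet bytes are all assumptions constructed for this example; the patent text names none of them.

```python
import struct

# Assumes the MySQL wire format: 3-byte LE payload length, 1-byte sequence id,
# payload. 1064/1054 are real MySQL codes (ER_PARSE_ERROR, ER_BAD_FIELD_ERROR);
# using them as the alarm is an assumed heuristic, not the patent's criterion.
SUSPICIOUS_CODES = {1064, 1054}

def parse_packet(raw: bytes):
    """Step S102: split one server packet into (sequence id, payload)."""
    length = int.from_bytes(raw[:3], "little")
    payload = raw[4:4 + length]
    if len(raw) < 4 or len(payload) != length:
        raise ValueError("truncated packet")
    return raw[3], payload

def classify_response(payload: bytes) -> dict:
    """Step S104: map the payload to a response result (OK / ERR / OTHER)."""
    if payload[:1] == b"\x00":
        return {"kind": "OK"}
    if payload[:1] == b"\xff":                     # ERR packet
        code = struct.unpack_from("<H", payload, 1)[0]
        pos, sql_state = 3, None
        if payload[pos:pos + 1] == b"#":           # protocol 4.1 SQLSTATE marker
            sql_state = payload[pos + 1:pos + 6].decode("ascii", "replace")
            pos += 6
        msg = payload[pos:].decode("utf-8", "replace")
        return {"kind": "ERR", "code": code, "sql_state": sql_state, "message": msg}
    return {"kind": "OTHER"}                       # result-set or EOF frames

def audit(events, threshold=2):
    """Step S106: from (access interface, raw response) pairs, return the
    interfaces whose responses repeatedly show parse/column errors."""
    counts = {}
    for iface, raw in events:
        result = classify_response(parse_packet(raw)[1])
        if result["kind"] == "ERR" and result["code"] in SUSPICIOUS_CODES:
            counts[iface] = counts.get(iface, 0) + 1
    return sorted(i for i, n in counts.items() if n >= threshold)

def _packet(seq: int, payload: bytes) -> bytes:
    return len(payload).to_bytes(3, "little") + bytes([seq]) + payload

def err_packet(seq: int, code: int, sql_state: str, msg: str) -> bytes:
    return _packet(seq, b"\xff" + struct.pack("<H", code) + b"#" + sql_state.encode() + msg.encode())

OK_PACKET = _packet(1, b"\x00\x00\x00\x02\x00\x00\x00")  # OK: 0 rows, status 0x0002
SAMPLE_EVENTS = [  # constructed traffic: the search endpoint keeps raising syntax errors
    ("/login", OK_PACKET),
    ("/search?q", err_packet(1, 1064, "42000", "You have an error in your SQL syntax")),
    ("/search?q", err_packet(1, 1064, "42000", "You have an error in your SQL syntax")),
]
```

Calling `audit(SAMPLE_EVENTS)` returns `['/search?q']`, the interface a blocking device would then refuse further requests for.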

Embodiment 2

[0083] A database protocol-based SQL injection audit or protection device, provided by an embodiment of the present invention and shown in figure 3, includes:

[0084] The acquiring module 100 is configured to acquire a data packet sent by the database server according to a preset database protocol, wherein the data packet is a data packet responding to the client request information;

[0085] The analysis module 200 is used to analyze the data packet according to the data format of the preset database protocol, so as to determine the response result of the database server to the request information;

[0086] The determining module 300 is configured to determine, based on the response result, a dangerous access interface for accessing the database server caused by the SQL injection, so as to block an access request for accessing the dangerous access interface.

[0087] In the embodiment of the present invention, the acquisition module 100 acquires the data packet sent by the...


Abstract

The invention provides a SQL injection audit or protection method and device based on a database protocol, and relates to the technical field of information security. The method comprises the steps of acquiring data packets sent by a database server according to the preset database protocol, wherein the data packets respond to request information from a client; analyzing the data packets according to the data format of the preset database protocol to determine the response result of the database server to the request information; and, based on the response result, determining the dangerous access interface to the database server caused by SQL injection, so that access requests to the dangerous access interface can be blocked. By means of the method, the technical problem of the high false positive rate in traditional SQL injection audit and protection methods is alleviated.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a database protocol-based SQL injection audit or protection method and device.

Background technique

[0002] So-called SQL (Structured Query Language) injection, in a relatively common form, inserts SQL statements into a Web form; SQL injection is often used to attack a server in order to steal information or take control of the system.

[0003] SQL injection auditing technologies fall mainly into two types, according to whether the auditing process requires execution of the application program: the first is static code auditing, which discovers SQL injection by scanning the function list and traversing the entire code base in a loop; the second is dynamic code auditing, which detects SQL injection by monitoring whether the transmission process of user inpu...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F17/30
CPC: G06F16/27, G06F21/554
Inventors: 应臣伟, 范渊, 黄进
Owner: HANGZHOU ANHENG INFORMATION TECH CO LTD