SQL injection attack identification method based on deep learning

A technology of injection attack and deep learning, applied in neural learning methods, character and pattern recognition, biological neural network models, etc., can solve problems such as inability to prevent SQL injection attacks in a timely and effective manner, achieve flexible and diverse identification methods, reduce dependence, and improve efficiency effect

Pending Publication Date: 2022-03-11
南京墨云科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention aims to solve the technical problem that people cannot timely and effectively prevent SQL injection attacks when using Internet data in the prior art, and provides a method for identifying SQL injection attacks based on deep learning, which can effectively improve the efficiency of SQL injection attack identification and improve security sex

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL injection attack identification method based on deep learning
  • SQL injection attack identification method based on deep learning
  • SQL injection attack identification method based on deep learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] Such as figure 1 As shown, a method for identifying SQL injection attacks based on deep learning includes the following steps:

[0040] S1. Data preprocessing: perform data cleaning on relevant data, manually construct features according to data distribution, and output processing results, which include data features, construction features and category data; figure 2 shown, including the following steps:

[0041] S11. Use a downsampling algorithm to clear the data containing missing values ​​in the relevant data;

[0042] S12. Use xpath to remove the tags in the response content, and only keep the page content;

[0043] S13, using the method in the urlparse package to distinguish the request parameter, IP address, and port number;

[0044] S14. Use the Pearson correlation coefficient to evaluate the relationship between the characteristic variables and the characteristics of the relevant data, and remove data irrelevant to the final category;

[0045] S15. Manually...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an SQL injection attack recognition method based on deep learning, which comprises the following steps: S1, data preprocessing: carrying out data cleaning on related data, and manually constructing features according to data distribution; s2, word vector model generation: performing natural language processing on related data by using a neural network to fit a word vector model; s3, convolutional neural network training: generating a convolutional neural network for text content according to the word vector model, and performing feature extraction of related data; s4, Dropout layer training: using Dropout to reduce the interaction of the feature detection device; s5, related data full-connection network training: the local features of the related data after Dropout layer training are assembled into a complete graph again through the weight matrix; and S6, Softmax layer classification: carrying out Softmax function operation on the output of S5, and then judging whether related data is SQL injection attack or not. According to the method, the SQL injection attack recognition efficiency can be effectively improved, and the safety is improved.

Description

technical field [0001] The invention relates to the technical field of network data security, in particular to a method for identifying SQL injection attacks based on deep learning. Background technique [0002] Web-based applications typically rely on back-end database servers to manage application-specific persistent state and to extract data by executing queries composed using input provided by the application's users. If the user's request is not handled correctly, the attacker can change the structure of the SQL statement by manipulating user input. As a result, the server may suffer from SQL injection attacks based on web applications, and even endanger the security of the database. [0003] SQL injection attack detection is divided into pre-intrusion detection and post-intrusion detection. Pre-intrusion detection can be done manually or by using SQL injection tool software. The purpose of detection is to prevent SQL injection attacks, and the detection after SQL inj...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/08G06F40/284G06F16/215
CPCG06N3/08G06F40/284G06F16/215G06N3/047G06N3/045G06F18/2414G06F18/2415
Inventor 何召阳任玉坤谢鑫何晓刚郗朝旭尉俊强
Owner 南京墨云科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap