Advertisement

The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior

  • Hao Wang
  • Jinsong Wang
  • Jian Zhang
  • Sheng Lin
  • Chengyi Xia
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 133)

Abstract

According to the SQL injection attack process with the characteristic of connection, a detecting method was presented based on connective signatures filter, suitable for the traditional signatures matching algorithm. Using multiple member signatures which described by regular expression to filter the packets of hosts from Intranet. The experiment proves the validity and practicability of the detecting method.

Keywords

SQL injection connective signatures regular expression DPI 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    OWASP held a Web security event and reading Web security trend, http://www.enet.com.cn/article/2010/0521/A20100521657157.shtml
  2. 2.
    Zhang, B.: SQL Injection Attack and Detection Technology. Information Security and Communications Privacy 5, 90–92 (2010)Google Scholar
  3. 3.
    Li, Y.-P.: The Implementation of SQL Injection Attacks Scanning Analysis Tool and Research on Prevention Technology. Beijing jiaotong University School of Computer and Information Technology, Beijing (2010)Google Scholar
  4. 4.
    Wang, W.-P., Li, C., Duan, G.-H.: Design of SQL Injection Filtering Module Based on Regular Expression. Computer Engineering 37, 158–160 (2011)Google Scholar

Copyright information

© Springer-Verlag GmbH Berlin Heidelberg 2012

Authors and Affiliations

  • Hao Wang
    • 1
  • Jinsong Wang
    • 1
  • Jian Zhang
    • 1
  • Sheng Lin
    • 1
  • Chengyi Xia
    • 1
  1. 1.School of Computer and Communication EngineeringTianjin University of TechnologyTianjinChina

Personalised recommendations