The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior
According to the SQL injection attack process with the characteristic of connection, a detecting method was presented based on connective signatures filter, suitable for the traditional signatures matching algorithm. Using multiple member signatures which described by regular expression to filter the packets of hosts from Intranet. The experiment proves the validity and practicability of the detecting method.
KeywordsSQL injection connective signatures regular expression DPI
Unable to display preview. Download preview PDF.
- 1.OWASP held a Web security event and reading Web security trend, http://www.enet.com.cn/article/2010/0521/A20100521657157.shtml
- 2.Zhang, B.: SQL Injection Attack and Detection Technology. Information Security and Communications Privacy 5, 90–92 (2010)Google Scholar
- 3.Li, Y.-P.: The Implementation of SQL Injection Attacks Scanning Analysis Tool and Research on Prevention Technology. Beijing jiaotong University School of Computer and Information Technology, Beijing (2010)Google Scholar
- 4.Wang, W.-P., Li, C., Duan, G.-H.: Design of SQL Injection Filtering Module Based on Regular Expression. Computer Engineering 37, 158–160 (2011)Google Scholar