Detecting SQL Injection in Stored Procedures Based on Path Construction
Detecting SQL Injection Attacks in Stored Procedure Based on Path-Construction
【Author】 Xiong Jing, Cao Zhongsheng, Zhu Hong, and Feng Yucai (School of Computer Science & Technology, Huazhong University of Science & Technology, Wuhan 430074)
【Institution】 Institute of Multimedia and Database, School of Computer Science, Huazhong University of Science and Technology
【Abstract (translated from Chinese)】 Most research in intrusion detection has overlooked the detection of SQL injection attacks that exploit stored procedures. A path-construction based method for detecting SQL injection in stored procedures is proposed. By analyzing the execution flow, the construction paths of the execution parameters are obtained and turned into detection rules. At detection time, the input parameters in a rule are replaced with the user-supplied values, and the resulting SQL statement is checked both structurally and semantically. Experimental results on the standard TPC-W benchmark show that the method outperforms comparable work on both detection rate and false-negative rate, and that adding a detection module built on this method has little impact on system performance.
【Abstract】 Very little attention is paid to detecting SQL injection attacks for stored procedures. An approach based on path-construction is proposed. A set of constructed paths of executive parameters is obtained by analyzing the executing flow, and then the detecting rules are generated. The final SQL statements, built by substituting user inputs for the parameters in the rules, are analyzed on both their structure and their semantic tree. The experiment on TPC-W shows that, compared with related work, the proposed solution has a lower false-positive rate and a lower omission rate. In addition, the performance of the system with the detecting module does not decrease significantly.
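As an added illustration, not code from the paper, of the structural check the abstract describes: a rule is the construction path of one statement inside a stored procedure, the user input is substituted into it exactly as the procedure's string concatenation would, and the token structure of the result is compared with the structure the same path yields for harmless values. The simplified tokenizer, the `customer` login rule and the sample inputs are constructed assumptions; the semantic-tree comparison the paper also performs is not shown.

```python
import re

# Simplified SQL tokenizer (constructed for this example; not the paper's tool).
# Literal values are reduced to a type label so that only the statement's
# structure remains: string literals (with '' escapes), numbers, words, punctuation.
TOKEN_RE = re.compile(r"\s*(?:('(?:[^']|'')*')|(\d+(?:\.\d+)?)|([A-Za-z_]\w*)|(\S))")

def tokenize(sql):
    """Return the token-type sequence of a SQL statement."""
    kinds, pos, sql = [], 0, sql.strip()
    while pos < len(sql):
        m = TOKEN_RE.match(sql, pos)
        pos = m.end()
        string, number, word, punct = m.groups()
        if string is not None:
            kinds.append("STR")
        elif number is not None:
            kinds.append("NUM")
        elif word is not None:
            kinds.append("WORD:" + word.upper())   # keyword or identifier
        else:
            kinds.append("PUNCT:" + punct)
    return kinds

# A detection rule is the construction path of one statement: the fixed SQL text
# plus the positions and declared types of the parameters the procedure
# concatenates into it. This login rule is a constructed example.
RULE_LOGIN = {
    "template": "SELECT c_id FROM customer WHERE c_uname = '{uname}' AND c_passwd = '{passwd}'",
    "params": {"uname": "string", "passwd": "string"},
}

def build_statement(rule, inputs):
    """Substitute user input into the path as the procedure's concatenation would."""
    return rule["template"].format(**inputs)

def expected_structure(rule):
    """Token structure the path yields when every parameter is one harmless value."""
    harmless = {name: ("x" if kind == "string" else "1")
                for name, kind in rule["params"].items()}
    return tokenize(build_statement(rule, harmless))

def is_injection(rule, inputs):
    """Flag input that changes the token structure of the constructed statement."""
    return tokenize(build_statement(rule, inputs)) != expected_structure(rule)

if __name__ == "__main__":
    print(is_injection(RULE_LOGIN, {"uname": "alice", "passwd": "s3cret"}))     # False
    print(is_injection(RULE_LOGIN, {"uname": "alice", "passwd": "' OR '1'='1"}))  # True
```

An input that only contains escaped quotes (for example `o''neil`) still tokenizes to a single string literal, so it keeps the expected structure and is not flagged.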
- 【Proceedings】 Proceedings of the 25th National Database Conference of China (Part II)
- 【Conference】 The 25th National Database Conference of China
- 【Date】 2008-10-24
- 【Venue】 Guilin, Guangxi, China
- 【Classification code】 TP393.08
- 【Organizer】 Database Technical Committee of the China Computer Federation