| Oracle通信TNS协议中请求报文的解析 |
| |
| 引用本文: | 侯方杰,王雷,王嵩,盛捷. Oracle通信TNS协议中请求报文的解析[J]. 计算机系统应用, 2018, 27(10): 273-278 |
| |
| 作者姓名: | 侯方杰 王雷 王嵩 盛捷 |
| |
| 作者单位: | 中国科学技术大学 信息技术学院 自动化系, 合肥 230001,中国科学技术大学 信息技术学院 自动化系, 合肥 230001,中国科学技术大学 信息技术学院 自动化系, 合肥 230001,中国科学技术大学 信息技术学院 自动化系, 合肥 230001 |
| |
| 基金项目: | 中国科学院战略性先导科技专项(XDA06011203);“新一代宽带无线移动通信网”重大专项子课题(2017ZX03001019-004) |
| |
| 摘 要: | 由于Oracle数据库的内部细节不公开,对其进行安全审计时,需要解析服务器与客户端通信的TNS协议.但已有的TNS协议解析层次不够深入,适用的数据库服务器、客户端以及操作系统、TNS协议版本范围有限,常用的协议逆向方法对于协议的负载部分解析能力有限.本文针对常用的数据库服务器、客户端以及TNS协议版本,在windows和linux操作系统下,提出一个通用的Oracle通信TNS协议请求报文解析方案.针对字节数多、意义不明的报文段,使用数据挖掘的方式获取字段值与结构的关系,以确定具体的报文格式.在实际系统中的应用表明,提出的方案可以有效解析现场采集的大量数据,从请求报文中提取出SQL语句.在对解析结果进行后期校正后,可以达到所有数据包无异常解析.
|
| 关 键 词: | 协议解析 数据库安全 Oracle数据库 TNS协议 关联挖掘 |
| 收稿时间: | 2018-03-15 |
| 修稿时间: | 2018-04-23 |
Analysis of Request Message in Oracle TNS Protocol |
| |
| HOU Fang-Jie,WANG Lei,WANG Song and SHENG Jie. Analysis of Request Message in Oracle TNS Protocol[J]. Computer Systems& Applications, 2018, 27(10): 273-278 |
| |
| Authors: | HOU Fang-Jie WANG Lei WANG Song SHENG Jie |
| |
| Affiliation: | Department of Automation, School of Information Science and Technology, University of Science and Technology of China, Hefei 230001, China,Department of Automation, School of Information Science and Technology, University of Science and Technology of China, Hefei 230001, China,Department of Automation, School of Information Science and Technology, University of Science and Technology of China, Hefei 230001, China and Department of Automation, School of Information Science and Technology, University of Science and Technology of China, Hefei 230001, China |
| |
| Abstract: | Due to the internal details of the Oracle database is not open, it is necessary to resolve the Oracle network communication protocol TNS when performing security audits. The existing TNS protocol analysis level is not deep enough to cover the servers, clients, operating systems, and protocols versions. And common protocol reversing tools are not good at payload analysis. This study proposes a universal TNS protocol analytical solution according to common servers, clients, and protocol versions under windows and linux operating systems. Method of data mining is used for message segments with much bytes meaning unknown, and can gives fields that affect the message structure automatically. The application in the actual system shows that the proposed scheme can effectively analyze the large amount of data collected in the field, and extract the SQL statement from the request message.After the post-correction, all packets can be parsed without any exception. |
| |
| Keywords: | protocol analysis database safety Oracle database Transparent Network Substrate (TNS) protocol association mining |
|
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
|
