| 基于序列比对的SQL注入攻击检测方法* |
| |
| 引用本文: | 孙义,胡雨霁,黄皓.基于序列比对的SQL注入攻击检测方法*[J].计算机应用研究,2010,27(9):3525-3538. |
| |
| 作者姓名: | 孙义 胡雨霁 黄皓 |
| |
| 作者单位: | 南京大学软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093 |
| |
| 基金项目: | 江苏省高技术研究计划资助项目(BE2008124) |
| |
| 摘 要: | SQL注入攻击已经严重影响了网络应用的安全,因为它可以使攻击者不受限制地访问数据库中的敏感信息。为此,提出了一种新的基于序列比对的方法进行SQL注入攻击检测,并给出了序列比对算法的实施过程和基于该算法的检测方法;最后对该方法的正确性和性能进行了分析和测试。实验结果表明,本方法是简单有效的。
|
| 关 键 词: | SQL注入 序列比对 攻击检测 |
Method of defense SQL injection attacks based on sequence alignment |
| |
| SUN Yi,HU Yu-ji,HUANG Hao.Method of defense SQL injection attacks based on sequence alignment[J].Application Research of Computers,2010,27(9):3525-3538. |
| |
| Authors: | SUN Yi HU Yu-ji HUANG Hao |
| |
| Affiliation: | (a.State Key Laboratory for Novel Software Technology, b.Dept. of Computer Science & Technology, Nanjing University, Nanjing 210093, China) |
| |
| Abstract: | SQL injection attacks pose a serious threat to the security of Web applications because they can give attackers unrestricted access to databases that contain sensitive information. This paper proposed a new method based on sequence alignment for protecting existing Web applications against SQL injection. Elaborated implementation and detection pattern with sequence alignment algorithm in detail. Finally analyzed and tested the correctness and performance of the method. Experimental results show that this method is simple and effective. |
| |
| Keywords: | SQL injection sequence alignment attack detection |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
