Abstract
This paper studies the problems in current SQL injection attack detection and proposes a SQL injection detection method based on the SimHash algorithm. First, through a self-learning process, each SQL statement is segmented, hashed, weighted, merged and reduced in dimension to generate an initial SimHash fingerprint database. Then, a SimHash fingerprint database with an index structure is built from the initial fingerprint database. Finally, a strict whitelist strategy, in which every statement is either black or white, is combined with the fingerprint database to judge the legitimacy of each SQL statement, thereby reducing the risk of attackers bypassing the defense system. Experimental results show that the method has good detection performance against SQL injection attacks and is able to resist unknown SQL injection attacks, which makes it especially suitable for small and medium-sized websites.
Aiming at the problems in current SQL injection attack detection, this paper puts forward a method to detect SQL injection attacks based on the SimHash algorithm. Firstly, it generates the initial SimHash fingerprint database after segmenting, hashing, weighting, merging and dimension-reducing each SQL statement through a self-learning process. Secondly, it uses the initial fingerprint database to build a SimHash fingerprint database with an index structure. Thirdly, it judges the legitimacy of each SQL statement by combining a strict whitelist strategy, whose core concept is that a user's action is either black or white, with the SimHash fingerprint database. Thereby, it lowers the risk of attacks bypassing the defense system. Experiments show that the detection method performs well at defending against SQL injection attacks, including some unknown ones, and is especially applicable to small and medium-sized websites.
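The pipeline the abstract describes (segment a statement into tokens, hash and weight the tokens, merge them into a bit-vote vector, reduce that vector to a fingerprint, index the fingerprint database, and apply a strict whitelist decision), as an added Python example that is not the authors' implementation. Everything the page leaves unspecified is an assumption here: term frequency as the per-token weight, normalisation of string and numeric literals during self-learning so that one learned query shape covers all parameter values, a 64-bit fingerprint indexed by four 16-bit chunks (the pigeonhole principle then guarantees that any fingerprint within Hamming distance 3 shares at least one chunk with a stored one), a distance threshold of 3, and SHA-256 as the per-token hash.

```python
import hashlib
import re
from collections import Counter

FINGERPRINT_BITS = 64
CHUNKS = 4                                # assumption: 4 x 16-bit index chunks
CHUNK_BITS = FINGERPRINT_BITS // CHUNKS

# String literal, identifier/keyword, integer, or a single punctuation character.
TOKEN_RE = re.compile(r"'[^']*'|[A-Za-z_][A-Za-z_0-9]*|\d+|[^\sA-Za-z_0-9]")


def tokenize_sql(statement):
    """Segmentation step. Literals are replaced by STR/NUM placeholders (assumption),
    keywords and identifiers are upper-cased, so the learned shape covers any value."""
    tokens = []
    for tok in TOKEN_RE.findall(statement):
        if tok.startswith("'") and len(tok) >= 2:
            tokens.append("STR")
        elif tok.isdigit():
            tokens.append("NUM")
        else:
            tokens.append(tok.upper())
    return tokens


def token_hash(token):
    """Hashing step: 64 bits taken from SHA-256 (assumption; the page names no hash)."""
    digest = hashlib.sha256(token.encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "big")


def simhash(tokens):
    """Weighting, merging and dimension reduction. Weight = term frequency (assumption).
    Each token votes +w on bits set in its hash and -w on clear bits; the fingerprint
    keeps the sign of every column."""
    votes = [0] * FINGERPRINT_BITS
    for token, weight in Counter(tokens).items():
        h = token_hash(token)
        for bit in range(FINGERPRINT_BITS):
            votes[bit] += weight if (h >> bit) & 1 else -weight
    fingerprint = 0
    for bit, total in enumerate(votes):
        if total > 0:
            fingerprint |= 1 << bit
    return fingerprint


def hamming(a, b):
    """Number of differing bits between two fingerprints."""
    return bin(a ^ b).count("1")


class FingerprintWhitelist:
    """Indexed fingerprint database plus the 'black or white' decision.
    Fingerprints are bucketed by each 16-bit chunk; a probe only compares against
    fingerprints sharing at least one chunk, which is exhaustive for distance <= 3."""

    def __init__(self, max_distance=3):
        self.max_distance = max_distance
        self.buckets = [dict() for _ in range(CHUNKS)]
        self.fingerprints = set()

    @staticmethod
    def _chunks(fingerprint):
        return [(fingerprint >> (CHUNK_BITS * i)) & 0xFFFF for i in range(CHUNKS)]

    def learn(self, statement):
        """Self-learning phase: record the fingerprint of a known-legitimate statement."""
        fp = simhash(tokenize_sql(statement))
        self.fingerprints.add(fp)
        for i, chunk in enumerate(self._chunks(fp)):
            self.buckets[i].setdefault(chunk, set()).add(fp)
        return fp

    def is_allowed(self, statement):
        """Strict whitelist: allowed only if within max_distance of a learned fingerprint."""
        fp = simhash(tokenize_sql(statement))
        candidates = set()
        for i, chunk in enumerate(self._chunks(fp)):
            candidates |= self.buckets[i].get(chunk, set())
        return any(hamming(fp, known) <= self.max_distance for known in candidates)


if __name__ == "__main__":
    wl = FingerprintWhitelist(max_distance=3)
    # Constructed training traffic: statements the application legitimately issues.
    for stmt in [
        "SELECT * FROM users WHERE id = 42",
        "SELECT name, email FROM users WHERE name = 'alice'",
        "UPDATE users SET email = 'a@example.org' WHERE id = 7",
    ]:
        wl.learn(stmt)
    # Constructed probes: one learned shape with a new value, one tautology injection.
    for stmt in [
        "SELECT * FROM users WHERE id = 1337",
        "SELECT name, email FROM users WHERE name = '' OR '1'='1'",
    ]:
        print(("allow" if wl.is_allowed(stmt) else "block") + ": " + stmt)
```

The literal normalisation is what lets a small site train on its own traffic: every parameter value of a query collapses to the same token sequence and therefore to exactly the same fingerprint, while a statement whose token multiset changes (extra operators, a second predicate, a comment marker) moves its fingerprint by many bits and falls outside the whitelist. The chunk index keeps the lookup cost proportional to the size of a few buckets rather than to the whole database.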
Authors
孔德广
蒋朝惠
郭春
Kong Deguang; Jiang Chaohui; Guo Chun (College of Computer Science & Technology, Guizhou University, Guiyang 550025, China; Guizhou Provincial Key Laboratory of Public Big Data, Guiyang 550025, China)
Source
《计算机应用研究》
CSCD
Peking University Core Journal (北大核心)
2020, Issue 7, pp. 2117-2122 (6 pages)
Application Research of Computers
Funding
National Natural Science Foundation of China (61540049)
Major Basic Research Project of Guizhou Province (黔科合JZ字[2014]2001-21)
Guizhou Province Science and Technology Cooperation Program (黔科合重大专项字[2018]3001, 黔科合基础[2017]1051, 黔科合基础[2016]1052)
2017 Open Project of the Guizhou Provincial Key Laboratory of Public Big Data (2017BDKFJJ025)
Henan Province Science and Technology Research Program (182102210123).