数据挖掘提取查询树特征的SQL注入攻击检测  被引量:6

Query tree feature extraction based on data mining for detecting SQL injection attack

在线阅读下载全文

作  者:张燕[1] 

机构地区:[1]宁夏工商职业技术学院,宁夏银川750021

出  处:《电子技术应用》2016年第3期90-94,共5页Application of Electronic Technique

摘  要:针对Web应用中数据库信息容易遭受SQL注入攻击的问题,提出一种基于数据挖掘技术的SQL注入攻击检测方法,其核心在于查询树特征的提取和转换。首先,在SQL数据库日志中收集内部查询树;然后,提取查询树中的语义和语法特征,并通过利用多维序列作为中间表示将查询树特征转换为一个n维字符特征向量;再后,根据查询树类型,利用不同的统计模型将字符特征向量转换成n维数值特征向量;最后,根据这些特征,利用多项式核函数SVM对其进行分类,从而实现SQL攻击检测。实验结果表明,相比其他几种较新的方案,提出的方案有效提高了SQL攻击的正确检测率。For the issues that the database information in Web application is vulnerable to SQL injection attack, a method of de-fense SQL injection attack based on data mining is proposed, and its core lies in the query tree feature extraction and conversion.First, the internal query tree is collected in the SQL database log. Then, the query tree feature is converted into an n- dimensional character feature vector by using the multidimensional sequences as the intermediate representation. Then, according to the query tree type, it uses different statistical models to convert character feature vector into the n- dimensional numerical characteristics vec-tor. Finally, the SQL attack detection is detected by using the polynomial kernel function SVM according to these features. Experi-mental results show that the proposed scheme can effectively improve the correct detection rate of SQL attacks.

关 键 词:数据挖掘 SQL注入攻击 查询树 特征转换 多项式核函数SVM 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象