Authors: 李应博, 张斌[1]; LI Yingbo; ZHANG Bin (Information Engineering University, Zhengzhou 450001, China)
Affiliation: [1] Information Engineering University, Zhengzhou, Henan 450001
Source: 《信息工程大学学报》 (Journal of Information Engineering University), 2020, No. 1, pp. 108-114, 7 pages
Funding: Henan Province Basic and Frontier Technology Research Program (142300413201).
Abstract: When the number of statements in an SQL dataset that contain general words is equal or close to the number of statements that contain sensitive characters, the feature vectors obtained by vectorizing SQL statements with the TFIDF (Term Frequency Inverse Document Frequency) algorithm are weakly representative, which degrades SQL injection attack detection performance. This paper proposes an SQL injection attack detection method based on an improved TFIDF (ITFIDF) algorithm. First, the TFIDF algorithm is improved: a parameter representing the number of statements related to a term is introduced into the term's inverse document frequency formula, to solve the problem of weakly representative TFIDF feature vectors in some cases. Second, the SQL statement text vectorization algorithm is redesigned based on the ITFIDF algorithm. Finally, SQL injection attack detection is implemented based on the SVM (Support Vector Machine) algorithm; because the SMO (Sequential Minimal Optimization) algorithm can efficiently solve complex quadratic programming problems, SVM is combined with SMO to address the low speed at which SVM computes the optimal hyperplane function. Experimental results show that, compared with similar methods, the proposed method achieves higher precision, recall and F-score.
Keywords: SQL injection attack; improved TFIDF; SVM; SMO
Classification: TP393 [Automation and Computer Technology: Computer Application Technology]