检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:李兵[1] 赵明华[1] 王伟[1] 王锋[1] LI Bing;ZHAO Ming-hua;WANG Wei;WANG Feng(School of Computer Science and Engineering,Xi'an University of Technology,Xi'an Shaanxi 710048,China)
机构地区:[1]西安理工大学计算机科学与工程学院,陕西西安710048
出 处:《计算机仿真》2024年第11期550-554,共5页Computer Simulation
摘 要:异构数据库具有数据量规模庞大、多样性等特点。在高并发条件下,数据库系统会承受大量的查询请求,使得检测出SQL注入攻击数据不具备实时效应。因此,提出高并发异构数据库SQL注入攻击检测方法。通过清洗异构数据库,采用主成分分析方法对数据降维;采用词频-逆文档频率(Term Frequency Inverse Document Frequency,TFIDF)算法对异构数据库攻击数据量化,并提取攻击特征;结合支持向量机(Support Vector Machine,SVM)方法对特征分类,实现异构数据库SQL注入攻击检测。实验结果表明,上述方法检测SQL注入攻击时,当待检测数据量较大时,耗时仅为53ms,且能够适配于所有SQL注入攻击类型。Generally,heterogeneous databases have the characteristics of large data volume and diversity.Under high concurrency,the database system may have to accept many query requests,so it is impossible to detect SQL injection attacks in real-time.Therefore,a method for detecting SQL injection attacks in high-concurrency heterogene-ous databases was proposed.Firstly,the method cleaned up the heterogeneous database and used principal component analysis to reduce the dimensionality of data.Then,the TFIDF(Term Frequency Inverse Document Frequency)algo-rithm was adopted to quantify the attack data in the heterogeneous database and extract the attack features.Finally,the SVM(Support Vector Machine)method was used to classify the features,thus detecting SQL injection attacks in the heterogeneous database.Experimental results show that when the amount of the data to be detected is large,the method only takes 53ms to detect SQL injection attacks,so it can adapt to all types of SQL injection attacks.
关 键 词:高并发条件异构数据库 注入攻击 实时检测 检测模型建立
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.229