Abstract
As the number of templates in a database intrusion detection system grows, detection efficiency declines. In view of this, this paper presents a database intrusion detection model based on encoding of user behaviour. The model encodes the submitted SQL statements, uses a mining algorithm to derive rules describing the inner relationships among attributes in the statements, and finally forms a rule base of users' normal behaviour, which replaces the template base and improves detection efficiency. The method can effectively prevent SQL injection and can also detect abuse of legitimate privileges.
Source
Computer Applications and Software (《计算机应用与软件》)
CSCD
2010, Issue 2, pp. 97-99, 147 (4 pages in total)
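Funding
Science and Technology Development Fund of the Shanghai Municipal Education Commission (05AZ68)
Shanghai Key Discipline Construction Project (J50103)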
Keywords
Database intrusion detection
SQL statements
Encoding