
Research of SQL injection attacks detection defense system based on the general rules

Cited by: 18
Abstract: Web applications are accessed over HTTP or HTTPS and provide services and responses to external requests. As Web applications have become one of the mainstreams of software development, the many security vulnerabilities they contain have gradually come to light, causing huge losses to people's life, work and study. To address these Web site security vulnerabilities, this paper summarizes and analyzes the attack characteristics of a large number of SQL injection attack messages and, combining those characteristics with the principles of SQL injection attacks, proposes a method for detecting and defending against SQL injection attacks based on general rules. The method is validated by using the SQL injection testing tool Sqlmap to simulate SQL injection attacks while capturing the network traffic. The testing tool uses its built-in web crawler to traverse web pages over HTTP via URL links and obtain page data, then attempts SQL injection; a packet capture tool captures the attack traffic, from which attack features are extracted, general rules are summarized and the rule base is updated. Finally, the rules are combined with the alerting or blocking of an IPS (intrusion prevention system) to improve the security of the network environment. Experimental tests show that the method can effectively detect SQL injection attack vulnerabilities.

Source: Electronic Design Engineering (《电子设计工程》), 2017, Issue 5, pp. 24-28, 32 (6 pages)

Keywords: SQL injection vulnerabilities; inspection tools; general rules; feature extraction; intrusion detection system (IPS)