摘要
SQL注入攻击具有危害大、攻击类型多、变异快、攻击隐蔽等特点,备受关注。文章提出一种基于SVM和文本特征向量提取的SQL注入检测技术,该技术结合了机器学习和自然语言统计技术。检测过程分为文本分析、特征提取和分类3个主要部分。SQL注入检测包括文本采集、基本特征提取、变形特征的数据统计、文本空间向量模型建立、模型训练、产生分类器、进行分类并得出分类结果等过程。实验结果显示,基于SVM和文本特征向量提取进行SQL注入检测具有很好的分类效果。依据机器学习评价训练模型的边缘曲线、混淆矩阵、效果分析、敏感性分析、特异性分析等评价方法结果显示,经过学习得到的SQL注入检测分类模型有较高的检测率。
SQL injection attack has the characteristics of great damage, various attacking types, quick mutation and concealment, which attract widespread attention. A SQL detection technology, which combined machine learning and natural language statistics, was proposed in this paper based on support vector machine(SVM) and text feature vector extraction. detection process was divided into three parts including text analysis, feature extraction and classification. Additionally, SQL injection detection process include text collection, basic feature extraction, statistics of deformation features, text space vector model construction, model training, classifier generation, classification and obtaining classification results. It was corroborated by experimental results that SQL injection detection based on SVM and text feature vector extraction was efficient in classification. Besides, according to evaluation methods including edge curve, confusion matrix, effect analysis, sensitivity analysis and specificity analysis, which were conducted in the machine learning evaluation training model, the SQL injection detection classification model obtained through learning had relatively high detection rate.
出处
《信息网络安全》
CSCD
2017年第12期40-46,共7页
Netinfo Security
基金
国家自然科学基金[61562090]
