
Detection of SQL injection based on TF-IDF text vectorization (cited by: 10)
Abstract: SQL injection is the most common attack against web applications, and using machine learning to detect it has become a trend. Taking SQL statements as the research object and drawing on their particular structure, the paper proposes a SQL injection detection method based on TF-IDF text vectorization. A large number of SQL injection statements and normal user-entered SQL statements were first studied and analyzed, and 34 feature points were summarized; on that basis the SQL statements are vectorized as text. Finally, three models, Libsvm, Weighted KNN and Boosted Decision Tree, are trained and used for prediction on the dataset, and the results are compared with other similar detection methods to verify the feasibility of the approach. The experimental results show that, relative to other methods, the TF-IDF text vectorization method improves the correct rate, recall and F-score by more than 20% each, and the accuracy rate by about 15%. This shows that the method is characterized by high accuracy and high recall.
Authors: 徐冬冬 (XU Dong-dong), 谢统义 (XIE Tong-yi), 万卓昊 (WAN Zhuo-hao), 黄保华 (HUANG Bao-hua) (School of Computer and Electronical Information, Guangxi University, Nanning 530004, China; Research Department, Guangxi Institute of Education, Nanning 530023, China)
Source: Journal of Guangxi University (Natural Science Edition) (《广西大学学报(自然科学版)》), indexed in CAS and the Peking University Core Journals list (北大核心), 2018, No. 5, pp. 1818-1826, 9 pages
Funding: National Natural Science Foundation of China (61262072); Guangxi Project for Improving the Basic Ability of Young and Middle-aged Teachers (KY2016YB578)
Keywords: TF-IDF; SQL injection attacks; text vectorization; support vector machines
