Abstract
Filtering SQL injection attacks effectively is one of the key problems that the Web security field currently needs to solve. Combining keyword filtering with sequence-alignment filtering, this paper proposes a SQL injection attack filtering (SQLIAF) method based on the LD (Levenshtein distance) algorithm. First, blacklist technology is used to filter illegal users by IP address, which reduces the volume of traffic that has to be filtered. Second, the user input is checked for keywords: if no keyword is present, illegal input is filtered by LD sequence alignment; if keywords are present, the user's request mode is distinguished and the request is either added directly to the blacklist or handled with the LD algorithm, which resolves the false positives that traditional keyword filtering produces on normal requests. Experimental results show that, compared with traditional keyword filtering and rule-matching filtering, the proposed method filters SQL injection attacks effectively with lower false positive and false negative rates and a faster filtering speed.
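The three-stage pipeline the abstract describes (IP blacklist, then keyword check, then Levenshtein-distance alignment against known injection strings) can be sketched end to end. The code below is an added illustration written for this page, not the authors' implementation: the keyword list, the blacklist, the known-injection corpus, the 0.5 normalized-distance threshold, and the choice that a keyword hit in a GET request goes straight to the blacklist while a keyword hit in a POST request goes through LD alignment are all assumptions, since the paper's abstract does not specify them.

```python
import re

# Constructed data for this example (not from the paper): an IP blacklist,
# the SQL keyword list for the first-stage check, and a small corpus of
# known injection strings used as alignment targets.
IP_BLACKLIST = {"203.0.113.7"}
SQL_KEYWORDS = ("select", "union", "insert", "update", "delete", "drop", "or", "and")
# Whole-word match for keywords (so "world" does not trip "or"), plus a bare quote.
KEYWORD_RE = re.compile(r"\b(?:%s)\b|'" % "|".join(SQL_KEYWORDS), re.IGNORECASE)
KNOWN_INJECTIONS = (
    "' or 1=1--",
    "' union select null,null--",
    "'; drop table users--",
    "admin'--",
)
# Assumed threshold: a length-normalized LD at or below this counts as "too close"
# to a known injection string.
LD_THRESHOLD = 0.5


def levenshtein(a: str, b: str) -> int:
    """Classic Levenshtein distance, dynamic programme with two rolling rows."""
    if len(a) < len(b):
        a, b = b, a
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                  # deletion
                           cur[j - 1] + 1,               # insertion
                           prev[j - 1] + (ca != cb)))    # substitution
        prev = cur
    return prev[-1]


def nearest_injection(text: str) -> float:
    """Smallest length-normalized LD between text and any known injection.
    0.0 means identical, 1.0 means nothing in common."""
    t = text.lower()
    return min(levenshtein(t, p) / max(len(t), len(p)) for p in KNOWN_INJECTIONS)


def classify(ip: str, method: str, user_input: str) -> str:
    """Return one of: blocked_ip, blocked_keyword, blocked_ld, allowed."""
    # Stage 1: blacklist by IP, so later stages see less traffic.
    if ip in IP_BLACKLIST:
        return "blocked_ip"
    # Stage 2: keyword detection.
    if KEYWORD_RE.search(user_input) is None:
        # No keyword: rely on sequence alignment to catch obfuscated variants.
        return "blocked_ld" if nearest_injection(user_input) <= LD_THRESHOLD else "allowed"
    # Keyword present: branch on request mode (assumed mapping, see lead-in).
    if method.upper() == "GET":
        IP_BLACKLIST.add(ip)
        return "blocked_keyword"
    # POST with a keyword: alignment decides, so a name like O'Brien is not a false positive.
    return "blocked_ld" if nearest_injection(user_input) <= LD_THRESHOLD else "allowed"


if __name__ == "__main__":
    # Constructed sample requests.
    samples = [
        ("203.0.113.7", "GET", "alice"),                       # already blacklisted
        ("198.51.100.5", "POST", "O'Brien"),                   # quote, but benign
        ("198.51.100.5", "POST", "admin' or 1=1--"),           # keyword + close to a known string
        ("198.51.100.9", "GET", "1 uni/**/on sel/**/ect null,null--"),  # no whole-word keyword
        ("198.51.100.5", "GET", "' or 1=1--"),                 # keyword in GET: blacklist the IP
    ]
    for ip, method, text in samples:
        print(f"{ip:14} {method:4} {text!r:40} -> {classify(ip, method, text)}")
```

The normalization by the longer string's length keeps the threshold meaningful across inputs of different sizes; without it a long benign form field would always sit "far" from every short pattern and a short probe would always sit "near" one. The comment-obfuscated sample shows why the no-keyword branch still needs the alignment stage: the split tokens defeat the whole-word keyword check, but the string is still only a handful of edits away from a known payload.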
Authors
Li Yingbo (李应博), Zhang Bin (张斌) (Strategic Support Force Information Engineering University, Zhengzhou 450001, China; Henan Province Information Security Key Laboratory, Zhengzhou 450001, China)
Source
Application Research of Computers (《计算机应用研究》), 2020, No. 9, pp. 2793-2796 (4 pages)
Indexed in: CSCD; Peking University Core Journals (北大核心)
Funding
Henan Province Basic and Frontier Technology Research Program project
Information Engineering University Emerging Research Direction Cultivation Fund project
Information Engineering University research project
Keywords
SQL injection attacks
keyword filtration
LD (Levenshtein distance) algorithm
blacklist filtration