The advantage of recursive programming is that it is very easy to write and it only requires very few lines of code if done correctly.Structured query language(SQL)is a database language and is used to manipulate data...The advantage of recursive programming is that it is very easy to write and it only requires very few lines of code if done correctly.Structured query language(SQL)is a database language and is used to manipulate data.In Microsoft SQL Server 2000,recursive queries are implemented to retrieve data which is presented in a hierarchical format,but this way has its disadvantages.Common table expression(CTE)construction introduced in Microsoft SQL Server 2005 provides the significant advantage of being able to reference itself to create a recursive CTE.Hierarchical data structures,organizational charts and other parent-child table relationship reports can easily benefit from the use of recursive CTEs.The recursive query is illustrated and implemented on some simple hierarchical data.In addition,one business case study is brought forward and the solution using recursive query based on CTE is shown.At the same time,stored procedures are programmed to do the recursion in SQL.Test results show that recursive queries based on CTEs bring us the chance to create much more complex queries while retaining a much simpler syntax.展开更多
Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and the...Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and then under the guidance of this model, the formal descriptions for the SQL injection vulnerability feature and SQL injection attack inputs are established. Moreover,according to new coverage criteria,these models are instantiated and the executable test cases are generated.Experiments show that compared with the random enumerated test case used in other works,the test case generated by our method can detect the SQL injection vulnerability more effectively. Therefore,the false negative is reduced and the test accuracy is improved.展开更多
A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Que...A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Query Language queries is proposed to easily permit the use of the worked clustering algorithm.A new clustering algorithm that uses a tube search with adaptive memory is applied to database log files to create users’profiles.Then,queries issued for each user are checked against the related user profile using a classifier to determine whether or not each query is malicious.The IDS will stop query execution or report the threat to the responsible person if the query is malicious.A simple classifier based on the Euclidean distance is used and the issued query is transformed to the proposed simple representation using a classifier,where the Euclidean distance between the centers and the profile’s issued query is calculated.A synthetic data set is used for our experimental evaluations.Normal user access behavior in relation to the database is modelled using the data set.The false negative(FN)and false positive(FP)rates are used to compare our proposed algorithm with other methods.The experimental results indicate that our proposed method results in very small FN and FP rates.展开更多
In recent years,Apache Spark has become the de facto standard for big data processing.SparkSQL is a module offering support for relational analysis on Spark with Structured Query Language(SQL).SparkSQL provides conven...In recent years,Apache Spark has become the de facto standard for big data processing.SparkSQL is a module offering support for relational analysis on Spark with Structured Query Language(SQL).SparkSQL provides convenient data processing interfaces.Despite its efficient optimizer,SparkSQL still suffers from the inefficiency of Spark resulting from Java virtual machine and the unnecessary data serialization and deserialization.Adopting native languages such as C++could help to avoid such bottlenecks.Benefiting from a bare-metal runtime environment and template usage,systems with C++interfaces usually achieve superior performance.However,the complexity of native languages also increases the required programming and debugging efforts.In this work,we present LotusSQL,an engine to provide SQL support for dataset abstraction on a native backend Lotus.We employ a convenient SQL processing framework to deal with frontend jobs.Advanced query optimization technologies are added to improve the quality of execution plans.Above the storage design and user interface of the compute engine,LotusSQL implements a set of structured dataset operations with high efficiency and integrates them with the frontend.Evaluation results show that LotusSQL achieves a speedup of up to 9 in certain queries and outperforms Spark SQL in a standard query benchmark by more than 2 on average.展开更多
文摘The advantage of recursive programming is that it is very easy to write and it only requires very few lines of code if done correctly.Structured query language(SQL)is a database language and is used to manipulate data.In Microsoft SQL Server 2000,recursive queries are implemented to retrieve data which is presented in a hierarchical format,but this way has its disadvantages.Common table expression(CTE)construction introduced in Microsoft SQL Server 2005 provides the significant advantage of being able to reference itself to create a recursive CTE.Hierarchical data structures,organizational charts and other parent-child table relationship reports can easily benefit from the use of recursive CTEs.The recursive query is illustrated and implemented on some simple hierarchical data.In addition,one business case study is brought forward and the solution using recursive query based on CTE is shown.At the same time,stored procedures are programmed to do the recursion in SQL.Test results show that recursive queries based on CTEs bring us the chance to create much more complex queries while retaining a much simpler syntax.
基金National Natural Science Foundation of China(No.51274150)Tianjin Major Project of Application Foundation and Advanced Technology,China(No.12JCZDJC27800)
文摘Aiming to improve the Structured Query Language( SQL) injection penetration test accuracy through the formalismguided test case generation,an attack purpose based attack tree model of SQL injection is proposed,and then under the guidance of this model, the formal descriptions for the SQL injection vulnerability feature and SQL injection attack inputs are established. Moreover,according to new coverage criteria,these models are instantiated and the executable test cases are generated.Experiments show that compared with the random enumerated test case used in other works,the test case generated by our method can detect the SQL injection vulnerability more effectively. Therefore,the false negative is reduced and the test accuracy is improved.
文摘A new secured database management system architecture using intrusion detection systems(IDS)is proposed in this paper for organizations with no previous role mapping for users.A simple representation of Structured Query Language queries is proposed to easily permit the use of the worked clustering algorithm.A new clustering algorithm that uses a tube search with adaptive memory is applied to database log files to create users’profiles.Then,queries issued for each user are checked against the related user profile using a classifier to determine whether or not each query is malicious.The IDS will stop query execution or report the threat to the responsible person if the query is malicious.A simple classifier based on the Euclidean distance is used and the issued query is transformed to the proposed simple representation using a classifier,where the Euclidean distance between the centers and the profile’s issued query is calculated.A synthetic data set is used for our experimental evaluations.Normal user access behavior in relation to the database is modelled using the data set.The false negative(FN)and false positive(FP)rates are used to compare our proposed algorithm with other methods.The experimental results indicate that our proposed method results in very small FN and FP rates.
文摘In recent years,Apache Spark has become the de facto standard for big data processing.SparkSQL is a module offering support for relational analysis on Spark with Structured Query Language(SQL).SparkSQL provides convenient data processing interfaces.Despite its efficient optimizer,SparkSQL still suffers from the inefficiency of Spark resulting from Java virtual machine and the unnecessary data serialization and deserialization.Adopting native languages such as C++could help to avoid such bottlenecks.Benefiting from a bare-metal runtime environment and template usage,systems with C++interfaces usually achieve superior performance.However,the complexity of native languages also increases the required programming and debugging efforts.In this work,we present LotusSQL,an engine to provide SQL support for dataset abstraction on a native backend Lotus.We employ a convenient SQL processing framework to deal with frontend jobs.Advanced query optimization technologies are added to improve the quality of execution plans.Above the storage design and user interface of the compute engine,LotusSQL implements a set of structured dataset operations with high efficiency and integrates them with the frontend.Evaluation results show that LotusSQL achieves a speedup of up to 9 in certain queries and outperforms Spark SQL in a standard query benchmark by more than 2 on average.