SQL Injection Attack Detection Method Based on Information Carrying (cited by: 5)
Abstract: At present, the accuracy of SQL injection attack detection based on traditional machine learning still needs to be improved. The main reason is that if too many features are selected when extracting feature vectors, the model overfits and the efficiency of the algorithm suffers, whereas if too few features are selected, a large number of false positives and false negatives are produced. To solve this problem, the paper proposes SQLIA-IC, a SQL injection attack detection method based on information carrying. SQLIA-IC adds a marker and a content matching module on top of machine learning detection. The marker is used to detect sensitive information in the sample, and the content matching module is used to match the feature items of the sample to achieve a secondary judgment. To improve the efficiency of SQL injection attack detection, an information value is used to simplify the detection results of the machine learning stage and the marker, and the content matching module performs dynamic matching according to the information value carried by the sample. Simulation results show that, compared with traditional machine learning methods, the proposed method is on average 2.62% higher in accuracy, 4.35% higher in precision, and 0.96% higher in recall, while the time cost increases by only about 5 ms, so the method can detect SQL injection attacks quickly and effectively.
Authors: CHENG Xi; CAO Xiao-mei (School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210023, China)
Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2021, No. 7, pp. 70-76 (7 pages)
Keywords: Machine learning; Feature matching; Information carrying; SQL injection attack; Intrusion detection
