CN111488590A - 一种基于用户行为可信分析的sql注入检测方法 - Google Patents
一种基于用户行为可信分析的sql注入检测方法 Download PDFInfo
- Publication number
- CN111488590A CN111488590A CN202010475089.2A CN202010475089A CN111488590A CN 111488590 A CN111488590 A CN 111488590A CN 202010475089 A CN202010475089 A CN 202010475089A CN 111488590 A CN111488590 A CN 111488590A
- Authority
- CN
- China
- Prior art keywords
- user
- behavior
- data
- injection
- user behavior
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000002347 injection Methods 0.000 title claims abstract description 51
- 239000007924 injection Substances 0.000 title claims abstract description 51
- 238000001514 detection method Methods 0.000 title claims abstract description 46
- 238000004458 analytical method Methods 0.000 title claims abstract description 21
- 230000006399 behavior Effects 0.000 claims description 97
- 238000000034 method Methods 0.000 claims description 16
- 239000013598 vector Substances 0.000 claims description 16
- 238000012549 training Methods 0.000 claims description 14
- 230000008569 process Effects 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 6
- 230000004044 response Effects 0.000 claims description 5
- 238000001914 filtration Methods 0.000 claims description 3
- 239000011159 matrix material Substances 0.000 claims description 3
- 230000005856 abnormality Effects 0.000 claims description 2
- 238000012512 characterization method Methods 0.000 claims description 2
- 238000012216 screening Methods 0.000 claims description 2
- 238000011897 real-time detection Methods 0.000 abstract description 3
- 239000000523 sample Substances 0.000 description 18
- 238000012360 testing method Methods 0.000 description 9
- 230000008859 change Effects 0.000 description 5
- 238000005457 optimization Methods 0.000 description 5
- 239000012634 fragment Substances 0.000 description 4
- 230000003068 static effect Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000005070 sampling Methods 0.000 description 3
- 239000003795 chemical substances by application Substances 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000000638 solvent extraction Methods 0.000 description 2
- 235000012571 Ficus glomerata Nutrition 0.000 description 1
- 244000153665 Ficus glomerata Species 0.000 description 1
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000003111 delayed effect Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 238000002864 sequence alignment Methods 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
- G06F16/2433—Query languages
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/23—Clustering techniques
- G06F18/232—Non-hierarchical techniques
- G06F18/2321—Non-hierarchical techniques using statistics or function optimisation, e.g. modelling of probability density functions
- G06F18/23213—Non-hierarchical techniques using statistics or function optimisation, e.g. modelling of probability density functions with fixed number of clusters, e.g. K-means clustering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Probability & Statistics with Applications (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Artificial Intelligence (AREA)
- Evolutionary Biology (AREA)
- Evolutionary Computation (AREA)
- Bioinformatics & Computational Biology (AREA)
- Quality & Reliability (AREA)
- Mathematical Physics (AREA)
- Computational Linguistics (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
Claims (6)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010475089.2A CN111488590A (zh) | 2020-05-29 | 2020-05-29 | 一种基于用户行为可信分析的sql注入检测方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010475089.2A CN111488590A (zh) | 2020-05-29 | 2020-05-29 | 一种基于用户行为可信分析的sql注入检测方法 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111488590A true CN111488590A (zh) | 2020-08-04 |
Family
ID=71813452
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010475089.2A Pending CN111488590A (zh) | 2020-05-29 | 2020-05-29 | 一种基于用户行为可信分析的sql注入检测方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111488590A (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112052453A (zh) * | 2020-09-04 | 2020-12-08 | 四川长虹电器股份有限公司 | 基于Relief算法的webshell检测方法及装置 |
CN112100617A (zh) * | 2020-09-15 | 2020-12-18 | 全球能源互联网研究院有限公司 | 一种异常sql检测方法及装置 |
CN112507336A (zh) * | 2020-12-15 | 2021-03-16 | 四川长虹电器股份有限公司 | 基于代码特征和流量行为的服务端恶意程序检测方法 |
CN114124449A (zh) * | 2021-10-14 | 2022-03-01 | 北京墨云科技有限公司 | 一种基于机器学习的sql注入攻击识别方法 |
CN114244558A (zh) * | 2021-11-09 | 2022-03-25 | 上海浦东发展银行股份有限公司 | 注入攻击检测方法、装置、计算机设备和可读存储介质 |
CN114462589A (zh) * | 2021-09-28 | 2022-05-10 | 北京卫达信息技术有限公司 | 正常行为神经网络模型训练方法、***、装置及存储介质 |
CN114640499A (zh) * | 2022-02-11 | 2022-06-17 | 深圳昂楷科技有限公司 | 一种对用户行为进行异常识别的方法及其装置 |
CN118018325A (zh) * | 2024-04-08 | 2024-05-10 | 山东捷瑞信息技术产业研究院有限公司 | 一种基于人工智能的防DDoS攻击方法及*** |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160337400A1 (en) * | 2015-05-15 | 2016-11-17 | Virsec Systems, Inc. | Detection of sql injection attacks |
CN108549814A (zh) * | 2018-03-24 | 2018-09-18 | 西安电子科技大学 | 一种基于机器学习的sql注入检测方法、数据库安全*** |
CN108875366A (zh) * | 2018-05-23 | 2018-11-23 | 四川大学 | 一种面向php程序的sql注入行为检测*** |
CN109598124A (zh) * | 2018-12-11 | 2019-04-09 | 厦门服云信息科技有限公司 | 一种webshell检测方法以及装置 |
CN110581850A (zh) * | 2019-09-09 | 2019-12-17 | 河南戎磐网络科技有限公司 | 一种基于网络流量基因检测方法 |
CN111049819A (zh) * | 2019-12-07 | 2020-04-21 | 上海镕天信息科技有限公司 | 一种基于威胁建模的威胁情报发现方法及计算机设备 |
CN111107096A (zh) * | 2019-12-27 | 2020-05-05 | 杭州迪普科技股份有限公司 | 一种Web站点安全防护方法及装置 |
-
2020
- 2020-05-29 CN CN202010475089.2A patent/CN111488590A/zh active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160337400A1 (en) * | 2015-05-15 | 2016-11-17 | Virsec Systems, Inc. | Detection of sql injection attacks |
CN108549814A (zh) * | 2018-03-24 | 2018-09-18 | 西安电子科技大学 | 一种基于机器学习的sql注入检测方法、数据库安全*** |
CN108875366A (zh) * | 2018-05-23 | 2018-11-23 | 四川大学 | 一种面向php程序的sql注入行为检测*** |
CN109598124A (zh) * | 2018-12-11 | 2019-04-09 | 厦门服云信息科技有限公司 | 一种webshell检测方法以及装置 |
CN110581850A (zh) * | 2019-09-09 | 2019-12-17 | 河南戎磐网络科技有限公司 | 一种基于网络流量基因检测方法 |
CN111049819A (zh) * | 2019-12-07 | 2020-04-21 | 上海镕天信息科技有限公司 | 一种基于威胁建模的威胁情报发现方法及计算机设备 |
CN111107096A (zh) * | 2019-12-27 | 2020-05-05 | 杭州迪普科技股份有限公司 | 一种Web站点安全防护方法及装置 |
Non-Patent Citations (2)
Title |
---|
张博: "SQL注入攻击与检测技术研究", 《信息安全与通信保密》 * |
黄春虎等: "基于Re-FCBF的入侵特征选择算法研究", 《激光杂志》 * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112052453A (zh) * | 2020-09-04 | 2020-12-08 | 四川长虹电器股份有限公司 | 基于Relief算法的webshell检测方法及装置 |
CN112100617A (zh) * | 2020-09-15 | 2020-12-18 | 全球能源互联网研究院有限公司 | 一种异常sql检测方法及装置 |
CN112100617B (zh) * | 2020-09-15 | 2023-11-24 | 全球能源互联网研究院有限公司 | 一种异常sql检测方法及装置 |
CN112507336A (zh) * | 2020-12-15 | 2021-03-16 | 四川长虹电器股份有限公司 | 基于代码特征和流量行为的服务端恶意程序检测方法 |
CN114462589A (zh) * | 2021-09-28 | 2022-05-10 | 北京卫达信息技术有限公司 | 正常行为神经网络模型训练方法、***、装置及存储介质 |
CN114462589B (zh) * | 2021-09-28 | 2022-11-04 | 北京卫达信息技术有限公司 | 正常行为神经网络模型训练方法、***、装置及存储介质 |
CN114124449A (zh) * | 2021-10-14 | 2022-03-01 | 北京墨云科技有限公司 | 一种基于机器学习的sql注入攻击识别方法 |
CN114244558A (zh) * | 2021-11-09 | 2022-03-25 | 上海浦东发展银行股份有限公司 | 注入攻击检测方法、装置、计算机设备和可读存储介质 |
CN114244558B (zh) * | 2021-11-09 | 2023-10-27 | 上海浦东发展银行股份有限公司 | 注入攻击检测方法、装置、计算机设备和可读存储介质 |
CN114640499A (zh) * | 2022-02-11 | 2022-06-17 | 深圳昂楷科技有限公司 | 一种对用户行为进行异常识别的方法及其装置 |
CN118018325A (zh) * | 2024-04-08 | 2024-05-10 | 山东捷瑞信息技术产业研究院有限公司 | 一种基于人工智能的防DDoS攻击方法及*** |
CN118018325B (zh) * | 2024-04-08 | 2024-07-09 | 山东捷瑞信息技术产业研究院有限公司 | 一种基于人工智能的防DDoS攻击方法及*** |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111488590A (zh) | 一种基于用户行为可信分析的sql注入检测方法 | |
CN110233849B (zh) | 网络安全态势分析的方法及*** | |
CN107241352B (zh) | 一种网络安全事件分类与预测方法及*** | |
CN106961419B (zh) | WebShell检测方法、装置及*** | |
CN105184159A (zh) | 网页篡改的识别方法和装置 | |
CN114077741B (zh) | 软件供应链安全检测方法和装置、电子设备及存储介质 | |
CN103281177A (zh) | 对Internet信息***恶意攻击的检测方法及*** | |
CN112199677A (zh) | 一种数据处理方法和装置 | |
KR102362516B1 (ko) | 사이버 위협 정보 처리 장치, 사이버 위협 정보 처리 방법 및 사이버 위협 정보 처리하는 프로그램을 저장하는 저장매체 | |
CN113704328B (zh) | 基于人工智能的用户行为大数据挖掘方法及*** | |
CN113190839A (zh) | 一种基于SQL注入的web攻击防护方法及*** | |
CN113194058A (zh) | Web攻击检测方法、设备、网站应用层防火墙及介质 | |
CN111611590B (zh) | 涉及应用程序的数据安全的方法及装置 | |
Zhang et al. | A php and jsp web shell detection system with text processing based on machine learning | |
Boffa et al. | Towards NLP-based processing of honeypot logs | |
CN112817877B (zh) | 异常脚本检测方法、装置、计算机设备和存储介质 | |
CN113946823A (zh) | 一种基于url基线偏离度分析的sql注入检测方法及装置 | |
CN113297580A (zh) | 基于代码语义分析的电力信息***安全防护方法及装置 | |
US20240054210A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
US20230252146A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
US20230252144A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
WO2010149986A2 (en) | A method, a computer program and apparatus for analysing symbols in a computer | |
US20230048076A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
KR102411383B1 (ko) | 사이버 위협 정보 처리 장치, 사이버 위협 정보 처리 방법 및 사이버 위협 정보 처리하는 프로그램을 저장하는 저장매체 | |
CN111475812B (zh) | 一种基于数据可执行特征的网页后门检测方法与*** |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20221104 Address after: Floor 29, Building 1, No. 199, Tianfu 4th Street, Chengdu Hi tech Zone, China (Sichuan) Pilot Free Trade Zone, Chengdu 610000, Sichuan Applicant after: Homwee Technology Co.,Ltd. Address before: 518057 unit 01, 23rd floor, Changhong science and technology building, Keji South 12 road, high tech Zone, Yuehai street, Nanshan District, Shenzhen, Guangdong Applicant before: SHENZHEN YIJIAEN TECHNOLOGY Co.,Ltd. |
|
TA01 | Transfer of patent application right | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200804 |
|
RJ01 | Rejection of invention patent application after publication |