| With the rapid development of Internet, the security of network database has become the focus of network security, and the demand of studying the database protection technology aiming at SQL attack to intensify the security is more and more urgent. At present, the preventive measure against the network attacks including SQL attacks is Intrusion Detection System (IDS), it analyzes network data with network protocol decoding and pattern-matching approach, but the problem of false positives, false negatives and the lack of real-time response to attack behavior is prominent. This paper designed a database protection system after researching the principles of SQL attacks and the intrusion detection techniques. This system works between the web server and database server, parses the network and database protocol of the packets passing through, detects and analyzes the SQL statements directly and then denies the illegal ones with attack signature. It improved the ability of security detection and active defense, with lower rate of false positives and false negatives, and thus protects the database effectively. At last this paper studied the learning-based anomaly detection and the signature-based misuse detection technology, analyzed their respective advantages and disadvantages, as well as the possibility of combining them together. |
PDF Full Text Request