OSGI-Based Anti-SQL Injection System

Posted on: 2011-05-22
Degree: Master
Type: Thesis
Country: China
Candidate: H J Zhou
GTID: 2208360308967374
Subject: Computer system architecture
Abstract/Summary:
SQL injection is a script-based attack in which a malicious attacker deliberately injects special content into an otherwise normal SQL statement so that it carries out a series of SQL commands written by the attacker. Today's popular Web-based applications are vulnerable to SQL injection, which has become one of the main means of attacking databases. Attackers use SQL injection to make the database management system break down or to retrieve sensitive data. Despite the serious consequences of SQL injection, software developers and system administrators often ignore these potential system defects and risks, and some special situations even introduce this kind of high-risk coding style. Drawing on research into infiltration techniques at home and abroad and on my own experience in software design, this thesis proposes methods to protect applications from SQL injection and to resolve the defects of current SQL injection protection systems. The system integrates current mainstream strategies with some innovative strategies by implementing the following functions: (1) A keyword filtering module filters sensitive words in SQL statement predicates by matching them against the contents of a preset database. (2) SQL execution log monitoring centralizes the logs in a specific location and then sends alarms to administrators. (3) Attack behavior is recognized by using the database execution plan. (4) Privilege control is performed through SQL plan analysis; through the privilege controller module, this function also moves complex privilege control into a more centralized controller in the service layer. (5) A scanning tool prevention module focuses on defending against SQL scanning tools by filtering HTTP requests according to certain IP addresses. The system is based on the OSGI (Open Service Gateway Initiative) platform, which will become a part of the upcoming JDK7.
Meanwhile, the thesis introduces solutions that reduce the modification of existing code by using AOP (Aspect-Oriented Programming). In the last part, the thesis demonstrates a scenario to test accuracy, reliability and performance.
Keywords/Search Tags: SQL injection, OSGI, AOP