
The Intrusion Detection Research On SQL Injection Attack Based On Web Applications

Posted on: 2013-07-05
Degree: Master
Type: Thesis
Country: China
Candidate: Y S Wang
GTID: 2248330371976547
Subject: Computer application technology

Abstract/Summary:
With the rapid development of network technology, Web applications are increasingly widespread and face more and more security threats. The SQL injection attack, which operates on the database server by exploiting vulnerabilities in the system in order to obtain confidential information, is the most common and most harmful form of attack against Web systems. Detecting SQL injection vulnerabilities is therefore the main task we face and an important guarantee of Web application security.

After introducing the basic principles of SQL injection attacks and the steps of an attack, this paper describes in detail the detection technologies against SQL injection attacks at home and abroad. Among them, the dynamic query matching detection method has several advantages: it is easy to implement, places no limits on user input, requires no initialization, and is independent of developers. However, the method has to maintain a master file that dynamically stores a large number of normal queries, and the number of queries keeps growing with the different query patterns of users, which greatly increases the time needed for match detection. Therefore, on the basis of this technology, this paper puts forward a sentence-level dynamic query matching detection method. The method maintains more than one master file according to the statement characteristics of SQL queries, and during detection selects the corresponding master file to match against, in order to reduce the number of match comparisons.

Finally, this paper designs and implements a SQL injection vulnerability detection system (IVDS) based on the sentence-level dynamic query matching detection method. The system includes four modules: an XML formatting module, an exact matching detection module, an approximate matching detection module, and an alarm module.

The experiments show that IVDS is able to distinguish SQL injection and avoids the fail report problem that exists in the characteristic keyword filtering method. Using sentence-level dynamic query matching, IVDS improves detection performance compared with the original dynamic query matching method.
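The following Python sketch is an added illustration of the idea described in the abstract, not code from the thesis or from IVDS. It assumes that queries are reduced to a literal-free skeleton, that a master file is an in-memory list, and that the "statement characteristic" is the leading SQL keyword; the XML formatting and approximate matching modules are not reproduced.

```python
import re
from collections import defaultdict

_STRING = re.compile(r"'(?:[^']|'')*'")   # quoted literal, '' as escaped quote
_NUMBER = re.compile(r"\b\d+\b")

def skeleton(query):
    """Assumed normalisation: literals become '?', case and spacing are unified."""
    q = _NUMBER.sub("?", _STRING.sub("?", query))
    return " ".join(q.upper().split())

def statement_kind(query):
    """Assumed statement characteristic: the leading keyword (SELECT, INSERT, ...)."""
    parts = query.split()
    return parts[0].upper() if parts else ""

class QueryMatcher:
    """per_statement=False: one master file; True: one master file per statement kind."""
    def __init__(self, per_statement):
        self.per_statement = per_statement
        self.masters = defaultdict(list)

    def _key(self, query):
        return statement_kind(query) if self.per_statement else "ALL"

    def learn(self, query):
        bucket, sk = self.masters[self._key(query)], skeleton(query)
        if sk not in bucket:
            bucket.append(sk)

    def check(self, query):
        """Exact match against the selected master file: (is_known, comparisons)."""
        sk, comparisons = skeleton(query), 0
        for known in self.masters.get(self._key(query), []):
            comparisons += 1
            if known == sk:
                return True, comparisons
        return False, comparisons

# Constructed sample of normal application queries (not from the thesis).
NORMAL = [
    "SELECT * FROM users WHERE name = 'alice'",
    "SELECT title FROM posts WHERE id = 7",
    "INSERT INTO posts (title) VALUES ('hello')",
    "UPDATE users SET email = 'a@example.com' WHERE id = 3",
    "DELETE FROM sessions WHERE id = 12",
]

def build(per_statement):
    matcher = QueryMatcher(per_statement)
    for q in NORMAL:
        matcher.learn(q)
    return matcher
```

With this sample, a benign `DELETE` costs five comparisons against the single master file and one against the `DELETE` master file, while a query whose structure was altered by injected input matches neither.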
Keywords/Search Tags:Web application, Injection Attack, Dynamic Matching, Exact Detection, Approximate Detection