
Detection Of SQL Injection Attacks Based On Proxy Server

Posted on: 2014-02-15
Degree: Master
Type: Thesis
Country: China
Candidate: H L Li
GTID: 2268330422964773
Subject: Computer technology

Abstract/Summary:
With the rapid development of the Internet and network technology, network database technology is used more and more widely. Consequently, security attacks against database systems have been growing, and SQL injection is one of the most important of these attack methods. Using SQL injection, attackers can illegally access, alter, forge and damage the data stored in a database, and leak confidential information. They can also inject code into database servers, which has a significant impact on the operation of those servers and can even paralyse the entire database server system. Researchers are paying more and more attention to the prevention of SQL injection attacks, so the study of SQL injection prevention technology is of real practical significance.

SQL injection is an attack in which the attacker tries to insert or append SQL code into application input parameters, which are then passed to the back-end server and executed. Based on a theoretical analysis of SQL injection attacks, a new method against SQL injection attacks is presented. The method uses database protocol analysis, SQL syntax analysis and a rule base. Communication messages between client and server are intercepted, and the SQL statements are extracted from them by database protocol analysis. Each SQL statement is then analysed by SQL syntax analysis and the rule base in order to detect SQL injection attacks. Logic detection is done by SQL syntax analysis: if there is a syntax error, the SQL statement is considered to be a SQL injection attack. Rule base detection is done when the SQL statement has a correct logic state: the statement is a SQL injection attack when it matches the rule base. This method prevents SQL injection attacks transparently, with no additional load on either the client or the server.

The implementation requires no modification to the software of the client or server platform, or to the applications. The SQL prevention module can be ported freely between different database platforms. Experiments show that the new method identifies SQL injection more accurately and is very effective at preventing it.
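The two-stage decision described in the abstract (syntax analysis first, rule base second) can be sketched as follows. This is an added example, not code from the thesis: the rule patterns, the `users` schema, the sample statements and the use of SQLite's `EXPLAIN` as the parser are all assumptions, and the protocol-analysis step that extracts the SQL from intercepted messages is left out.

```python
import re
import sqlite3

# Constructed rule base (assumption): the abstract does not list its rules.
RULE_BASE = [
    ("tautology", re.compile(r"\bOR\s+('?)(\w+)\1\s*=\s*\1\2\1(?!\w)", re.I)),
    ("union-select", re.compile(r"\bUNION\s+(?:ALL\s+)?SELECT\b", re.I)),
    ("comment-truncation", re.compile(r"--|/\*")),
    ("stacked-query", re.compile(r";\s*\S")),
]

# Messages SQLite produces when a statement fails to parse.
SYNTAX_MARKERS = ("syntax error", "unrecognized token", "incomplete input")

# Stand-in parser (assumption): in-memory SQLite with a constructed schema.
_parser = sqlite3.connect(":memory:")
_parser.execute("CREATE TABLE users (id INTEGER, name TEXT, pw TEXT)")

def syntax_ok(sql):
    """Stage 1: compile the statement with EXPLAIN, which never executes it."""
    try:
        _parser.execute("EXPLAIN " + sql)
    except (sqlite3.Error, sqlite3.Warning) as exc:
        # Non-parse errors (e.g. several statements at once) go on to stage 2.
        return not any(marker in str(exc) for marker in SYNTAX_MARKERS)
    return True

def classify(sql):
    """Return (verdict, reason) for one SQL statement taken off the wire."""
    if not syntax_ok(sql):
        return ("block", "syntax-error")
    for name, pattern in RULE_BASE:
        if pattern.search(sql):
            return ("block", "rule:" + name)
    return ("allow", "")

# Constructed statements, as a proxy might extract them from client messages.
SAMPLES = [
    "SELECT id, name FROM users WHERE name = 'alice' AND pw = 's3cret'",
    "SELECT id FROM users WHERE name = 'o'brien'",
    "SELECT id FROM users WHERE name = '' OR '1'='1'",
    "SELECT id, name FROM users WHERE id = 1 UNION SELECT name, pw FROM users",
    "SELECT id FROM users WHERE name = 'admin' -- ' AND pw = ''",
    "SELECT id FROM users WHERE id = 1; SELECT pw FROM users",
]

if __name__ == "__main__":
    for statement in SAMPLES:
        print(classify(statement), statement)
```

The rules here run over the raw statement text, so a legitimate string literal containing `--` or `;` would also match; a rule base that matches on the parser's token stream avoids that class of false positive.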
Keywords/Search Tags:SQL Injection Attacks, Database protocol analysis, SQL parse, Rule Base