Research Of SQL Injection Vulnerability Detection

Posted on: 2015-07-26
Degree: Master
Type: Thesis
Country: China
Candidate: X H Liu
GTID: 2298330428464458
Subject: Computer software and theory
Abstract/Summary:
With the rapid development of network technology, and because network platforms are open and easy to develop for and to use, more and more companies, administrations and individuals have built their own sites on the Internet, which also makes the security problems of these platforms more and more serious. Many Web vulnerabilities in application code leave Web servers exposed to malicious network attacks, among which SQL injection is widespread and has comparatively serious effects. To ensure the security of Web applications, it is very important to use a Web vulnerability scanner to detect and dig out SQL injection vulnerabilities promptly. Under normal circumstances, a Web vulnerability scan needs to crawl all the pages of a site in order to cover more SQL injection vulnerabilities, which leads to excessive scan time. Therefore, how to shrink the scan scope appropriately while still covering, as far as possible, the SQL injection vulnerabilities that may exist in the system has become one of the urgent problems to be solved. This paper first describes progress at home and abroad in SQL injection vulnerability detection. Building on a detailed study of the vulnerability detection methods currently in use and on previous studies, we design and implement a Web vulnerability detection method that is efficient in both detection rate and test rate. The design is divided into two parts: a web crawler based on template matching, and a SQL injection vulnerability mining module that expands automatically based on a knowledge library. This design streamlines, at an appropriate time, the objects that the vulnerability-scanning crawler crawls, which greatly improves the efficiency of vulnerability scanning and makes multiple vulnerability scans of large sites possible.
Meanwhile, in order to improve the detection rate of SQL injection vulnerabilities, we design and implement a set of simulated attacks with automatic extension for detection. The expanded set of simulated attacks covers many of the ways hackers attack, and can provide security workers and system developers with information about vulnerabilities in system coding and security mechanisms before the system is attacked. This paper presents a web crawler method based on template matching that streamlines the objects to be scanned, in order to achieve efficient and accurate vulnerability detection on the targeted server. It first crawls a sample of the pages under the same template, then calculates the structural similarity of the crawled pages and, based on the proportion of similar pages in the sample, determines whether to crawl the remaining pages under that template. By template matching, the pages with repetitive structure under the same template are filtered out, giving a streamlined set of objects for web vulnerability scanning, which was then evaluated in experiments. Experiments show that, for different types of sites, the crawler based on template matching keeps the number of crawled pages within a certain size (in the experiments, three types of websites were crawled and the number of pages to be crawled was confined between 88 and 129). Because of its prefix-matching crawling strategy, the crawler is insensitive to page depth, which gives it high robustness. On the other hand, black-box detection of SQL injection vulnerabilities relies on a predefined set of simulated attacks, which should contain all possible hacker attacks, so how to improve the set of simulated attacks to achieve effective coverage of possible hacker attacks is the other focus of this paper.
However, research on the construction of simulated attacks in the current security domain is not very mature in practical application. Researchers at home and abroad prefer to address new means of attack, while ignoring the case where a hacker uses a variant form of an existing attack to succeed. Drawing on the idea of test coverage from the field of software testing, this paper builds a mathematical model of the SQLI vulnerability test set coverage problem and transforms the coverage problem of attack methods into a general mathematical problem, for which the vertex cover problem offers a similar solution, in order to obtain the optimal solution to the attack coverage problem. We propose SQL injection vulnerability mining based on automatic expansion of the knowledge library: through the study of various mutated forms of current SQL injection attacks, we summarize the modes of change across different SQL injection attacks and apply these modes to the existing simulated attack set to expand the means of detection. The new simulated attack set can not only scan for server coding vulnerabilities but also detect inadequacies in currently deployed security mechanisms, which thus effectively prevents SQL injection attacks against the targeted site. Experiments show that after the expansion the vulnerability detection rate is above 80%; although the expanded set costs more time than before the expansion, the gap is not obvious, and the difference in the results of the three experiments is basically kept within 5 seconds. This paper verifies the two proposed solutions by experiment, shows the reader their principles and implementation steps, and examines their accuracy, scalability, usability and robustness from various aspects. At the end of the paper, we give a systematic summary of the study and predict the future development of SQL injection vulnerability detection techniques.
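The sampling decision the abstract describes for the template-matching crawler (crawl a sample under one template, measure structural similarity, then decide whether to crawl the rest), as an added example that is not the thesis's own code. It assumes pages are already grouped by URL prefix, compares tag sequences with `difflib`, and uses illustrative values for the sample size and both thresholds; the site content is constructed.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from itertools import combinations

class TagSeq(HTMLParser):
    """Collects opening tags in order: the page structure without its text."""
    def __init__(self):
        super().__init__()
        self.tags = []
    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

def structure(html):
    parser = TagSeq()
    parser.feed(html)
    return parser.tags

def similar_proportion(pages, sim_threshold=0.9):
    """Share of sampled page pairs whose tag sequences match at >= sim_threshold."""
    pairs = list(combinations([structure(h) for h in pages], 2))
    if not pairs:  # a single page cannot confirm a template
        return 0.0
    hits = sum(SequenceMatcher(None, a, b).ratio() >= sim_threshold for a, b in pairs)
    return hits / len(pairs)

def select_scan_targets(site, sample_size=3, sim_threshold=0.9, min_proportion=0.8):
    """site maps URL prefix -> {url: html}; returns the URLs handed to the scanner."""
    targets = []
    for pages in site.values():
        urls = sorted(pages)
        sample = urls[:sample_size]
        prop = similar_proportion([pages[u] for u in sample], sim_threshold)
        # Sample looks like one template: skip the rest. Otherwise crawl the group.
        targets += sample if prop >= min_proportion else urls
    return sorted(targets)

# Constructed site (assumption): five same-template product pages, four unrelated pages.
def product_page(n):
    return (f"<html><body><h1>Item {n}</h1><form><input name='q'>"
            "<input type='submit'></form></body></html>")
SITE = {
    "/product?id=": {f"/product?id={n}": product_page(n) for n in range(1, 6)},
    "/page/": {
        "/page/about": "<html><body><p>About</p></body></html>",
        "/page/contact": "<html><body><form><input><textarea></textarea></form></body></html>",
        "/page/login": "<html><body><div><form><input><input></form></div><ul><li></li></ul></body></html>",
        "/page/news": "<html><body><table><tr><td></td></tr></table></body></html>",
    },
}
```

Calling `select_scan_targets(SITE)` keeps three of the five product pages and all four pages of the structurally mixed group, so the scanner still visits every distinct form layout.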
Keywords/Search Tags: vulnerability scanning, similarity matching, web crawler, SQL injection, simulated attack, vulnerability mining