Design And Implementation Of Experimental Teaching System Based On MySQL Database Security

With the rapid development of the Internet, data has become more and more significant. As one of the main storage of data, the database assumes an important role in the protection of data. In recent years, the means of attack have emerged one after another, in which SQL injection is particularly prominent, and has become to be an important factor of affecting database security. At the same time, a variety of network cloud courses have preferred by a growing number of users. Although the network courses are increasingly perfect, a clear and rich experimental environment targeted teaching system is lacking in some teaching field.Therefore, it is urgent to design a safe and reliable experimental teaching system.In this paper, the theory and implementation of SQL injection is discussed, and the existing of SQL injection defense methods are analyzed and compared. In addition, the SQL injection defense model based on pattern matching is discussed drastically, and two kinds of multi pattern matching algorithm are compared, finally we will propose a forward and reverse SQL injection defense model. At the same time, the LAMP architecture was analyzed and the existing load balancing method is studied in this paper. Finally a perfect experimental teaching system was designed and implemented, which meets the needs of the experimental hierarchy and the experimental environment.The main work of this paper is as follows:(1) A forward and reverse SQL injection defense model is proposed,which is divided into two parts: benign SQL matching and malicious SQL matching. By analyzing the problems existing in the existing pattern list library, We presents an optimization method of the schema list library,and applies this method to the benign SQL matching module and the malicious SQL matching module. In addition, in the benign SQL matching also used the hash method, and in the malicious SQL matching WM matching algorithm is used to match patterns. Finally, the validity of the forward and reverse SQL injection defense model and the efficiency of the matching process are verified by the security test, which solves the problem that the SQL injection defense can not be well balanced in the two aspects of security and efficiency.(2) By analyzing the security problems of integer parameters, a general method of SQL injection defense for integer parameters is given by AES symmetric encryption algorithm.(3) Design and implementation of the experimental teaching system,including system architecture design, load balancing design, database design, the module design, the realization of the module and the technical difficulties of each module solution design, and the system function modules in detail test, verify that the experimental teaching system modules have been achieved.