Design And Implementation Of SQL Injection Intelligent Detection Tool

The ever-changing Internet Web technology has brought convenience to human development,but it has also led to endless security problems.SQL injection is one of the most common types of injection vulnerability types that have been the leader of the OWASP[1]vulnerability rankings for decades.It has become important reasons for experts'research in recent years for high level of harm caused by data leakage and the variety of protection against protection.For the detection of SQL injection traffic,many mature commercial firewall products(WAF)have emerged at home and abroad,but there are shortcomings such as limited protection rules,poor readability and high maintenance costs.In the face of complex SQL injection variant traffic attacks,the academic community proposes an artificial intelligence-based solution,which implements the detection of malicious attacks by vectorizing the text and then transferring it to the classifier to detect.However,the lack of diverse data sets and incomplete feature vector extraction leads to the bottleneck of classification model detection performance.Based on the above analysis,this paper mainly carries out related work from the following three aspects:(1)Through in-depth analysis of the principle of SQL injection vulnerability and related component weakness,a random generation algorithm for SQL samples is proposed.Combined with the open source tool SQLMAP for secondary development,it can generate high-quality SQL samples,which can be even directed to bypass the firewall and improve the detection accuracy of the model.(2)The traditional method of extracting features of word segmentation is improved where the characteristics of multi-dimensional variant samples are combined and differential feature vectors are introduced to compensate for the information loss in feature extraction process.Through three rounds of targeted feature extraction,it achieve a general method to extract the feature adapt to both traditional SQL injection and variant SQL injection traffic,which enhances the integrity of feature extraction and the detection capability of unknown variant SQL inj ection.(3)Based on the deep forest classification algorithm,the SQL inj ection intelligent detection tool is designed and implemented.Through the iterative update of multiple data sources,the effect of iterative optimization on the model loop is realized,which alleviates the problem of lack of dataset to some extent,improves the detection accuracy of the model,and effectively suppresses the problem of over-fitting of the model.At the end of the paper,it mainly demonstrates the experimental performance from the two aspects of generating model performance and detecting model performance:the sample generation scheme is feasibly and effectively proved by comparing the effect of the sample generated against commercial WAF and the effect of directional bypassing firewall based on secondary development of SQLMAP.And the effectiveness of the feature engineering scheme is verified by comparing the classification performance of the characteristic engineering scheme and the previous research method in multiple machine learning models;What's more,the advantages of the detection model are verified by comparing respectively the performance and accuracy differences with deep learning models and shallow learning models in different proportions of black and white samples.Meanwhile,the sample generation algorithm is also proved to improve the detection accuracy of the model to some extent and suppresses over-fitting of the model.Finally,through the iterative update of multiple data sources,the detection accuracy of the offline detection model is generally increasing,which verifies the rationality of the design.