
The Technology Of SQL Injection Vulnerability Mining Based On GAN

Posted on: 2022-03-09
Degree: Master
Type: Thesis
Country: China
Candidate: X Zhang
Full Text: PDF
GTID: 2518306605490254
Subject: Master of Engineering

Abstract/Summary:
SQL injection is a widespread, harmful and rapidly growing web security vulnerability that occurs in web applications where code and data are not separated and user input parameters are not validated. SQL statements that malicious users construct in request parameters are executed normally by the database server, allowing sensitive system information to be obtained and tampered with. Traditional SQL injection detection methods use a random strategy to generate test cases from combinations of existing templates; the generated samples have a high repetition rate and low correlation with the scan target, resulting in low detection efficiency and long run times. Machine-learning-based detection methods suffer from training data that is scarce and hard to obtain, owing to the sensitivity and particularity of vulnerability data, which leads to over-fitting or a failure to learn features during model training. Building on traditional SQL injection detection technology and using an improved GAN model, this thesis proposes a vulnerability mining method that uses the dependency characteristics of the attack data to guide test data generation. To ensure the training effect of the model and to verify the proposed vulnerability mining method, a vulnerability training set based on real data is constructed.

To address the excessive invalid requests, slow detection speed and poor targeting caused by the large number of repeated samples that the random strategy produces in traditional detection methods, a GAN-based method for generating SQL injection attack samples is proposed. Following the adversarial generation idea of GANs, and taking into account both the characteristics of the attack data and its dependency characteristics, the database type, web framework and other dependencies are extracted, lexically analyzed and abstracted into feature vectors. These vectors serve as conditional input that guides the generation of attack samples during model training, so that SQL injection detection samples are generated for the specific target. The experimental results show that the proposed vulnerability mining method can generate detection samples with target features according to the detection target, that it outperforms similar detection methods in terms of detection quantity and request efficiency, and that the time overhead is reduced by at least 50%.

To address the difficulty that machine learning methods face in acquiring SQL injection vulnerability data, and in manually collecting and cleaning SQL injection attack statements, several information collection schemes are proposed that use open source SQL injection tools and historical injection results. To address the low quality and difficult cleaning of manually collected attack statements, the sqlmap attack statement template library and its statement generation mode are ported, and an attack statement generation tool is developed to match the model's input requirements; this ensures sample quality while reducing the cost of manual data cleaning. In total, 6700 attack samples were collected. To address the acquisition difficulty caused by the sensitivity of SQL injection vulnerabilities, data obtained by legally scanning local vulnerable sites and attack-and-defense test sites are used to form a data set containing 3300 vulnerability records. The injection data and results obtained after a user's vulnerability mining task completes are also added to the data set and automatically trigger retraining, according to a configured training threshold, so that the model is continuously updated. The experimental results show that SQL injection vulnerability mining achieves good results on the real data set built so far, and the detection rate is increased by 10%.

Using the method proposed in this thesis, a SQL injection vulnerability mining system is designed and implemented. It includes information collection, vulnerability mining, data storage, model training and other functions, and it realizes site feature extraction, attack data generation, mining result feedback and model retraining. Testing by professional penetration testers in a real environment shows that the system can accurately generate SQL injection attack statements according to the characteristics of the detection target, which improves the efficiency of SQL injection vulnerability mining and verifies the practicability and feasibility of the technical scheme studied.
Keywords/Search Tags: GAN, SQL injection, Vulnerability mining, Attack samples