
Research On Semantic-Based Intelligent Detection Method For SQL Injection Attacks

Posted on: 2024-03-14
Degree: Master
Type: Thesis
Country: China
Candidate: F X Wang
Full Text: PDF
GTID: 2558307112958179
Subject: Computer technology
Abstract/Summary:
SQL injection attacks mainly target the database. They are also the most common database intrusion method at present, posing a great threat to network security. With the progress of science and technology and the rapid development of web applications, data assets have become the most important assets on the Internet. Because most data resides in databases, attack methods against databases emerge endlessly. At present, researchers at home and abroad mainly divide the detection of SQL injection attacks into traditional methods and methods based on machine learning. Because SQL injection statements and normal HTTP (Hypertext Transfer Protocol) requests share a large number of the same fields, the traditional detection method of directly matching keywords causes many misjudgments and missed detections. With the rapid development of machine learning, more and more scholars try to use machine learning to detect SQL injection attacks, but the detection time is too long, the efficiency is low, and many false positives and missed detections occur because time complexity or identical strings are ignored. Therefore, it is of great scientific significance to the field of information security to study a more efficient automatic identification method for the various types and variants of SQL injection attacks.

To improve the detection efficiency of SQL injection, this paper analyzes SQL injection statements from the perspective of semantics and studies semantics-based detection methods for SQL injection attack statements. The main work is as follows:

First, on the basis of analyzing the differences between SQL injection statements and normal requests at each stage, a method to detect key features of SQL injection statements is proposed. Combining natural language processing, the word2vec feature vector algorithm and the SVM classification algorithm, a semantic-based SQL injection attack detection method is constructed. The experiment was carried out by installing a Content Management System (CMS) with a SQL injection vulnerability. The experimental results show that, compared with the SQL injection attack detection methods combined with TF-IDF (term frequency-inverse document frequency) and the N-gram algorithm, and with the SQL injection attack detection method that uses the word2vec algorithm directly, the detection effect is significantly improved. After a detailed analysis of the deficiencies of TF-IDF in classifying some specific SQL injection attack statements, a TF-WIDF algorithm is proposed that adds the weight of a word within the same category of statements, and an optimized logistic regression model is used for binary detection.
Keywords/Search Tags:SQL injection attack, Word2vec, Key feature extraction, TF-WIDF, Machine learning