论文信息 - The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior

The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior

According to the SQL injection attack process with the characteristic of connection, a detecting method was presented based on connective signatures filter, suitable for the traditional signatures matching algorithm. Using multiple member signatures which described by regular expression to filter the packets of hosts from Intranet. The experiment proves the validity and practicability of the detecting method.

Hao Wang | Jian Zhang | Jinsong Wang | Sheng Lin | Chengyi Xia

[1] Zhang Bo. SQL Injection Attack and Detection Technology , 2010 .

[2] Li Chang,et al. Design of SQL Injection Filtering Module Based on Regular Expression , 2011 .