Research of SQL Injection Detection Based on SVM and Text Feature Extraction

doi:10.3969/j.issn.1671-1122.2017.12.008

Abstract

Abstract:

SQL injection attack has the characteristics of great damage, various attacking types, quick mutation and concealment, which attract widespread attention. A SQL detection technology, which combined machine learning and natural language statistics, was proposed in this paper based on support vector machine (SVM) and text feature vector extraction. detection process was divided into three parts including text analysis, feature extraction and classification. Additionally, SQL injection detection process include text collection, basic feature extraction, statistics of deformation features, text space vector model construction, model training, classifier generation, classification and obtaining classification results. It was corroborated by experimental results that SQL injection detection based on SVM and text feature vector extraction was efficient in classification. Besides, according to evaluation methods including edge curve, confusion matrix, effect analysis, sensitivity analysis and specificity analysis, which were conducted in the machine learning evaluation training model, the SQL injection detection classification model obtained through learning had relatively high detection rate.

Key words: SVM, text feature, SQL injection, detection, extraction

CLC Number:

TP309.1

Hongling LI, Jianxin ZOU. Research of SQL Injection Detection Based on SVM and Text Feature Extraction[J]. Netinfo Security, 2017, 17(12): 40-46.

Figures/Tables 13

References 14

[1]	BOYD S W, KEROMYTIS A D. SQLrand: Preventing SQL Injection Attacks[EB/OL]. , 2004-3-10.
[2]	田玉杰,赵泽茂,王丽君,等. 基于分类的SQL注入攻击双层防御模型研究[J]. 信息网络安全,2015(6):1-6.
[3]	刘文生,乐德广,刘伟. SQL注入攻击与防御技术研究[J]. 信息网络安全,2015(9):129-134.
[4]	尹红. 网络攻击与防御技术研究[J]. 计算机安全,2007(8):47-52.
[5]	邓诗琪,刘晓明,武旭东,等 . Web服务器攻击日志分析研究[J]. 信息网络安全,2016(6):56-61.
[6]	SALTON G, MCGILL M J.Introduction to Modern Information Retrieval[M]. New York :McGraw-Hill Inc., 1983.
[7]	SALTON G, BUCKLEY C.Term-weighting Approaches in Automatic Text Retrieval[J]. Information Processing & Management, 1988, 24(5):513-523.
[8]	VAPNIK V N.The Nature of Statistical Learning Theory[J]. Neural Networks IEEE Transactions on, 1995, 8(6):988-999.
[9]	VAPNIK V, CHAPELLE O.Bounds on Error Expectation for Support Vector Machines[J]. Neural Computation, 2000, 12(9):2013-2036.
[10]	苏金树,张博锋,徐昕. 基于机器学习的文本分类技术研究进展[J]. 软件学报,2006,17(9):1848-1859.
[11]	李鑫,张维纬,隋子畅,等. 新型SQL注入及其防御技术研究与分析[J]. 信息网络安全,2016(2):66-73.
[12]	HOEFFDING W.A Class of Statistics with Asymptotically Normal Distribution[J]. The Annals of Mathematical Statistics, 1948,19(3):293-325.
[13]	刘笑杭. SQL注入漏洞检测研究[D].杭州:杭州电子科技大学,2014.
[14]	LANDIS J R, KOCH G G.An Application of Hierarchical Kappa-type Statistics in the Assessment of Majority Agreement among Multiple Observers[J]. Biometrics, 1977, 33(2):363-374.

[1]	Rong WANG, Chunguang MA, Peng WU. An Intrusion Detection Method Based on Federated Learning and Convolutional Neural Network [J]. Netinfo Security, 2020, 20(4): 47-54.
[2]	Lingyu BIAN, Linlin ZHANG, Kai ZHAO, Fei SHI. Ethereum Malicious Account Detection Method Based on LightGBM [J]. Netinfo Security, 2020, 20(4): 73-80.
[3]	Zhiyan ZHAO, Xiaomo JI. Research on the Intelligent Fusion Model of Network Security Situation Awareness [J]. Netinfo Security, 2020, 20(4): 87-93.
[4]	Zhaojun GU, Yitong REN, Chunbo LIU, Zhi WANG. Intranet Log Anomaly Detection Model Based on Conformal Prediction [J]. Netinfo Security, 2020, 20(3): 45-50.
[5]	Wenhua LUO, Caidian XU. Network Intrusion Detection Based on Improved MajorClust Clustering [J]. Netinfo Security, 2020, 20(2): 14-21.
[6]	Zongping LÜ, Chundi ZHAO, Zhaojun GU, Jingxian ZHOU. Dynamic Detection of Ransomware Based on Stacking Model Fusion [J]. Netinfo Security, 2020, 20(2): 57-57.
[7]	Hao ZHANG, Long CHEN, Zhiqiang WEI. Abnormal Traffic Detection Technology Based on Data Augmentation and Model Update [J]. Netinfo Security, 2020, 20(2): 66-74.
[8]	Tao JING, Wei WAN. Research on a P2P Network Communication Behavior Analytical Method for Status Migration Attribute-oriented [J]. Netinfo Security, 2020, 20(1): 16-25.
[9]	Xiaoran LI, Rong HAO, Jia YU. Certificateless Provable Data Possession with Data Uploading Control [J]. Netinfo Security, 2020, 20(1): 83-88.
[10]	Xin SONG, Kai ZHAO, Linlin ZHANG, Wenbo FANG. Research on Android Malware Detection Based on Random Forest [J]. Netinfo Security, 2019, 19(9): 1-5.
[11]	Jian KANG, Jie WANG, Zhengxu LI, Guangda ZHANG. A Model for Anomaly Intrusion Detection with Different Feature Extraction Strategies in IoT [J]. Netinfo Security, 2019, 19(9): 21-25.
[12]	Like CHEN, Shuhua RUAN, Xingshu CHEN, Haizhou WANG. Research on Intelligent Detection of Social Media Robot Accounts [J]. Netinfo Security, 2019, 19(9): 96-100.
[13]	Wenying FENG, Xiaobo GUO, Yuanye HE, Cong XUE. Intrusion Detection Model Based on Feedforward Neural Network [J]. Netinfo Security, 2019, 19(9): 101-105.
[14]	Liangchen CHEN, Baoxu LIU, Shu GAO. Research on Traffic Data Sampling Technology in Network Attack Detection [J]. Netinfo Security, 2019, 19(8): 22-28.
[15]	Yongcheng DUAN, Yuqing WANG, Xin LI, Le YANG. RSAR-based Random Forest Network Security Situation Factor Extraction [J]. Netinfo Security, 2019, 19(7): 75-81.