Netinfo Security

Netinfo Security ›› 2017, Vol. 17 ›› Issue (9): 115-118.doi: 10.3969/j.issn.1671-1122.2017.09.027

• Orginal Article • Previous Articles     Next Articles

A New Detection Technique of SQL Injection Based on Hidden Markov Mode

Lianqun YANG1(), Kui MENG2, Bin WANG3, Yong HAN3   

  1. 1.Tianjin Binhai New Area Public Security Bureau, Tianjin 300456, China
    2.Shanghai Jiaotong University, Shanghai 200240, China
    3.Technical Reconnaissance Corps of Public Security Bureau, Tianjin 300010, China
  • Received:2017-08-01 Online:2017-09-20 Published:2020-05-12

RichHTML

5

PDF (PC)

154

Abstract:

SQL injection attacks pose a common threat to the security of Web applications. This paper proposed a new technique based on hidden Markov mode for protecting existing Web application against SQL injection.Features of SQL statements can be obtained by word segmentation parsing.We take bothhidden Markov mode and similarity distance methods,and identify the true illegal SQL statements.Experimental results prove that this proposed approach is simple and effectivefor detecting illegal SQL statements.

Key words: HMM, hidden Markov mode, SQL injection

CLC Number: