The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior

Hao Wang³,
Jinsong Wang³,
Jian Zhang³,
Sheng Lin³ &
…
Chengyi Xia³

Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 133))

104 Accesses

Abstract

According to the SQL injection attack process with the characteristic of connection, a detecting method was presented based on connective signatures filter, suitable for the traditional signatures matching algorithm. Using multiple member signatures which described by regular expression to filter the packets of hosts from Intranet. The experiment proves the validity and practicability of the detecting method.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic

£29.99 /Month

Get 10 units per month
Download Article/Chapter or eBook
1 Unit = 1 Article or 1 Chapter
Cancel anytime

Buy Now

Chapter: GBP 19.95; Price includes VAT (United Kingdom)

eBook: GBP 199.50; Price includes VAT (United Kingdom)

Softcover Book: GBP 249.99; Price includes VAT (United Kingdom)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

SQL Injection Attack Detection, Evidence Collection, and Notifying System Using Standard Intrusion Detection System in Network Forensics

Cybersecurity Issue and Online Information Source

DITA-NCG: Detecting Information Theft Attack Based on Node Communication Graph

References

OWASP held a Web security event and reading Web security trend, http://www.enet.com.cn/article/2010/0521/A20100521657157.shtml
Zhang, B.: SQL Injection Attack and Detection Technology. Information Security and Communications Privacy 5, 90–92 (2010)
Google Scholar
Li, Y.-P.: The Implementation of SQL Injection Attacks Scanning Analysis Tool and Research on Prevention Technology. Beijing jiaotong University School of Computer and Information Technology, Beijing (2010)
Google Scholar
Wang, W.-P., Li, C., Duan, G.-H.: Design of SQL Injection Filtering Module Based on Regular Expression. Computer Engineering 37, 158–160 (2011)
Google Scholar

Download references

Author information

Authors and Affiliations

School of Computer and Communication Engineering, Tianjin University of Technology, Tianjin, 300391, China
Hao Wang, Jinsong Wang, Jian Zhang, Sheng Lin & Chengyi Xia

Authors

Hao Wang
View author publications
You can also search for this author in PubMed Google Scholar
Jinsong Wang
View author publications
You can also search for this author in PubMed Google Scholar
Jian Zhang
View author publications
You can also search for this author in PubMed Google Scholar
Sheng Lin
View author publications
You can also search for this author in PubMed Google Scholar
Chengyi Xia
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

South China Normal University, Guangzhou, 510631, China, People's Republic
Sabo Sambath
South China Normal University, Guangzhou, 510631, China, People's Republic
Egui Zhu

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Wang, H., Wang, J., Zhang, J., Lin, S., Xia, C. (2012). The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior. In: Sambath, S., Zhu, E. (eds) Frontiers in Computer Education. Advances in Intelligent and Soft Computing, vol 133. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27552-4_68

Download citation

DOI: https://doi.org/10.1007/978-3-642-27552-4_68
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27551-7
Online ISBN: 978-3-642-27552-4
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior

Abstract

Access this chapter

Subscribe and save

Buy Now

Preview

Similar content being viewed by others

SQL Injection Attack Detection, Evidence Collection, and Notifying System Using Standard Intrusion Detection System in Network Forensics

Cybersecurity Issue and Online Information Source

DITA-NCG: Detecting Information Theft Attack Based on Node Communication Graph

References

Author information

Authors and Affiliations

Editor information

Editors and Affiliations

Rights and permissions

Copyright information

About this chapter

Cite this chapter

Download citation

Publish with us

Subscribe and save

Buy Now

Navigation

The Research of Detecting SQL Injection Based on the Connectivity with Its Behavior

Abstract

Access this chapter

Subscribe and save

Buy Now

Preview

Similar content being viewed by others

SQL Injection Attack Detection, Evidence Collection, and Notifying System Using Standard Intrusion Detection System in Network Forensics

Cybersecurity Issue and Online Information Source

DITA-NCG: Detecting Information Theft Attack Based on Node Communication Graph

References

Author information

Authors and Affiliations

Editor information

Editors and Affiliations

Rights and permissions

Copyright information

About this chapter

Cite this chapter

Download citation

Share this chapter

Publish with us

Search

Navigation