Visible to the public SQL Injection Attack and Detection Based on GreenSQL Pattern Input Whitelist

TitleSQL Injection Attack and Detection Based on GreenSQL Pattern Input Whitelist
Publication TypeConference Paper
Year of Publication2020
AuthorsLin, P., Jinshuang, W., Ping, C., Lanjuan, Y.
Conference Name2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)
Date PublishedSept. 2020
ISBN Number978-1-7281-8304-6
KeywordsBig Data, command injection attacks, composability, dangerous threat, database management systems, database protection, Databases, firewalls, Firewalls (computing), GreenSQL, GreenSQL database firewall, GreenSQL learning, GreenSQL pattern input whitelist, Information systems, input model, intercept samples, Internet, internet technology, IP networks, Metrics, optimized whitelist, Pattern, patterned input, pubcrawl, resilience, Resiliency, SQL, SQL Injection, SQL injection attack, SQL injection attack command, Whitelist, Whitelists, working mode

With the rapid development of Internet technology, the era of big data is coming. SQL injection attack is the most common and the most dangerous threat to database. This paper studies the working mode and workflow of the GreenSQL database firewall. Based on the analysis of the characteristics and patterns of SQL injection attack command, the input model of GreenSQL learning is optimized by constructing the patterned input and optimized whitelist. The research method can improve the learning efficiency of GreenSQL and intercept samples in IPS mode, so as to effectively maintain the security of background database.

Citation Keylin_sql_2020