基于改进BP神经网络的SQL注入识别

doi:10.11896/JsJkx.191200054

摘要/Abstract

摘要： 当代对于SQL注入类型的攻击防御系统,大多研究是从静态单句过滤威胁语句的角度来进行设计。鉴于其较低的注入语句识别率以及较高的误报率,提出双层SQL注入防御模型,将注入的过程连续化后进行动态建模分析,并引入BP神经网络进行自学习与自修正。交叉验证实验表明,在Apache+MySQL环境中,所提模型有较高的注入识别率,对于正在遭受SQL注入的识别具有一定的优势。

关键词: Apache+MySQL环境, BP神经网络, SQL注入, 数据包, 双层防御体系

Abstract: At present,the attack defense system of SQL inJection type is mostly designed from the perspective of static single sentence filtering threat statements.In view of its low inJection statement recognition and high false positives,a double-layer SQL inJection defense model is proposed.After the inJection process is continuous,dynamic modeling analysis is carried out,and BP neural network is introduced for self-learning and self-correction.Experiments show that in the Apache＋MySQL environment,this model has a high inJection recognition rate,which has certain advantages for the recognition of SQL inJection.

Key words: Apache＋MySQL environment, BP neural network, Data package, double layer defense system, SQL inJection

中图分类号:

TP393

诸珺文. 基于改进BP神经网络的SQL注入识别[J]. 计算机科学, 2020, 47(6A): 352-359. https://doi.org/10.11896/JsJkx.191200054

ZHU Jun-wen. SQL InJection Recognition Based on Improved BP Neural Network[J]. Computer Science, 2020, 47(6A): 352-359. https://doi.org/10.11896/JsJkx.191200054

参考文献

[1] 陈波,于泠,肖军模.计算机系统安全原理与技术.北京:机械工业出版社,2009.
[2] SUI M.Network security situation assessment model based on information fusion [J].Digital Communication World,2019(8):153.
[3] WANG X P.Computer network security analysis modelingbased on deep learning algorithm .Electronic Technology and Software Engineering,2019(16):195-196.
[4] LI X,DUAN Y C.Network security situation assessment methodbased on Improved Hidden Markov model .Computer Science,2020,47(5):1-5.
[5] YE M X.Design and research of SQL inJection vulnerabilityscanning system based on Web .Electronic Design Enginee-ring,2019,27(16):20-23,28.
[6] TIAN Y J,ZHAO Z M,WANG L J,et al.Research on the double layer defense model of SQL inJection attack based on classification .Information Network Security,2015(6):1-6.
[7] LU J Y,XIONG Y S,CHEN W,et al.Cyber security defense model based on spark .Electronic Technology and Software Engineering,2019(17):184-185.
[8] HOU P.SQL inJection attack model based on SGM model .Journal of Anyang Normal University,2019(2):38-43.
[9] KUGU Z Z.Public management paradigm of Japanese super intelligent society .Shanghai Quality,2019(7):25-26.
[10] SUN T T.Characteristics and challenges of intelligent society .Shanghai:Shanghai Academy of Social Sciences,2018.
[11] ZHANG Q Q,YOU J S,GAO Y F.Overview of big data forensics technology .Information Security Research,2017,3(9):795-802.

相关文章 15

[1]	徐佳楠, 张天瑞, 赵伟博, 贾泽轩. 面向供应链风险评估的改进BP小波神经网络研究 Study on Improved BP Wavelet Neural Network for Supply Chain Risk Assessment 计算机科学, 2022, 49(6A): 654-660. https://doi.org/10.11896/jsjkx.210800049
[2]	朱旭辉, 沈国娇, 夏平凡, 倪志伟. 基于螺旋进化萤火虫算法和BP神经网络的模型及其在PPP融资风险预测中的应用 Model Based on Spirally Evolution Glowworm Swarm Optimization and Back Propagation Neural Network and Its Application in PPP Financing Risk Prediction 计算机科学, 2022, 49(6A): 667-674. https://doi.org/10.11896/jsjkx.210800088
[3]	刘宝宝, 杨菁菁, 陶露, 王贺应. 基于DE-LSTM模型的教育统计数据预测研究 Study on Prediction of Educational Statistical Data Based on DE-LSTM Model 计算机科学, 2022, 49(6A): 261-266. https://doi.org/10.11896/jsjkx.220300120
[4]	黄国兴, 杨泽铭, 卢为党, 彭宏, 王静文. 利用粒子滤波方法求解数据包络分析问题 Solve Data Envelopment Analysis Problems with Particle Filter 计算机科学, 2022, 49(6A): 159-164. https://doi.org/10.11896/jsjkx.210600110
[5]	夏静, 马中, 戴新发, 胡哲琨. 基于BP神经网络的智能云效能模型 Efficiency Model of Intelligent Cloud Based on BP Neural Network 计算机科学, 2022, 49(2): 353-367. https://doi.org/10.11896/jsjkx.201100140
[6]	程希, 曹晓梅. 基于信息携带的SQL注入攻击检测方法 SQL Injection Attack Detection Method Based on Information Carrying 计算机科学, 2021, 48(7): 70-76. https://doi.org/10.11896/jsjkx.200600010
[7]	郭福民, 张华, 胡瑢华, 宋岩. 一种基于表面肌电信号的腕部肌力估计方法研究 Study on Method for Estimating Wrist Muscle Force Based on Surface EMG Signals 计算机科学, 2021, 48(6A): 317-320. https://doi.org/10.11896/jsjkx.200600021
[8]	程铁军, 王曼. 基于变权组合的突发事件网络舆情趋势预测 Network Public Opinion Trend Prediction of Emergencies Based on Variable Weight Combination 计算机科学, 2021, 48(6A): 190-195. https://doi.org/10.11896/jsjkx.200600094
[9]	石琳姗, 马创, 杨云, 靳敏. 基于SSC-BP神经网络的异常检测算法 Anomaly Detection Algorithm Based on SSC-BP Neural Network 计算机科学, 2021, 48(12): 357-363. https://doi.org/10.11896/jsjkx.201000086
[10]	周俊, 尹悦, 夏斌. 基于LSTM神经网络的声发射信号识别研究 Acoustic Emission Signal Recognition Based on Long Short Time Memory Neural Network 计算机科学, 2021, 48(11A): 319-326. https://doi.org/10.11896/jsjkx.210700034
[11]	焦东来, 王浩翔, 吕海洋, 徐轲. 基于手机传感器轨迹的路面地物检测方法 Road Surface Object Detection from Mobile Phone Based Sensor Trajectories 计算机科学, 2021, 48(11A): 283-289. https://doi.org/10.11896/jsjkx.210200145
[12]	周立鹏, 孟利民, 周磊, 蒋维, 董建平. 基于BP神经网络的摔倒检测算法 Fall Detection Algorithm Based on BP Neural Network 计算机科学, 2020, 47(6A): 242-246. https://doi.org/10.11896/JsJkx.191000077
[13]	宋岩, 胡瑢华, 郭福民, 袁新亮, 熊睿洋. 基于sEMG的改进SVM+BP肌力预测分层算法 Improved SVM+BP Algorithm for Muscle Force Prediction Based on sEMG 计算机科学, 2020, 47(6A): 75-78. https://doi.org/10.11896/JsJkx.190900143
[14]	陈燕文,李坤,韩焱,王燕平. 基于MFCC和常数Q变换的乐器音符识别 Musical Note Recognition of Musical Instruments Based on MFCC and Constant Q Transform 计算机科学, 2020, 47(3): 149-155. https://doi.org/10.11896/jsjkx.190100224
[15]	刘晓彤,王伟,李泽禹,沈思婉,姜小明. 基于改进BP神经网络的尿液中红白细胞识别算法 Recognition Algorithm of Red and White Cells in Urine Based on Improved BP Neural Network 计算机科学, 2020, 47(2): 102-105. https://doi.org/10.11896/jsjkx.191100195

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed