Computer Science ›› 2021, Vol. 48 ›› Issue (7): 70-76. doi: 10.11896/jsjkx.200600010
Special topic: Artificial Intelligence Security
程希, 曹晓梅
CHENG Xi, CAO Xiao-mei
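Abstract: At present, the accuracy of SQL injection attack detection based on traditional machine learning still needs improvement. The main cause lies in feature-vector extraction: if too many feature vectors are selected, the model overfits and the efficiency of the algorithm suffers; if too few are selected, large numbers of false positives and false negatives result. To address this problem, this paper proposes SQLIA-IC, an SQL injection attack detection method based on information carrying. SQLIA-IC adds a marker and a content matching module on top of machine-learning detection: the marker detects sensitive information in a sample, and the content matching module matches the sample against feature items to reach a second judgment. To improve the efficiency of SQL injection attack detection, information values are used to simplify the detection results of the machine learning stage and the marker, and the content matching module performs dynamic matching according to the information value that a sample carries. Simulation results show that, compared with traditional machine learning methods, the proposed method achieves accuracy that is 2.62% higher on average, precision that is 4.35% higher on average, and recall that is 0.96% higher on average, while the time cost increases by only about 5 ms, so that SQL injection attacks can be detected quickly and effectively.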