Computer Science (计算机科学) ›› 2019, Vol. 46 ›› Issue (1): 201-205. doi: 10.11896/j.issn.1002-137X.2019.01.031
YIN Zhong-xu (尹中旭), ZHANG Lian-cheng (张连成)
Abstract: Injection vulnerabilities are widespread in dynamic Web applications. This paper analyses the necessary conditions for an injection vulnerability to arise and to be exploited, and uses corresponding methods to distinguish and defend against the different types of injected variables (numeric, character and search). By analysing the host language and the object language, the query variables in SQL statements and their types are located; on the basis of the control-flow graph, a data-dependence subgraph containing source points and sink points is constructed; for this subgraph, a filter-insertion algorithm is designed and filtering policies for the different input data types and query types are defined; a scheme based on data-flow analysis that automatically inserts filters before the relevant database operations is then implemented; finally, the proposed scheme is analysed and tested, and the results verify its effectiveness.
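The abstract describes filter policies that depend on the type of the query variable (numeric, character or search) and that are inserted in front of the database operation, i.e. at the sink. The following is an added example written for this page, not code from the paper or its authors. The concrete policies (a digit-only check for numeric variables, bound parameters for character variables, LIKE-wildcard escaping for search variables), the `users` table and its sample rows are all assumptions, since the paper's exact filter rules are not reproduced on this page.

```python
"""Type-aware input filters placed in front of database operations.

Added example for this page (not the paper's code). The filter policies,
table layout and sample rows are assumptions chosen to illustrate filtering
each query variable according to its type (numeric, character, search) at
the sink, i.e. right before the SQL statement executes.
"""
import re
import sqlite3
from enum import Enum


class VarType(Enum):
    NUMERIC = "numeric"      # e.g. WHERE id = 42
    CHARACTER = "character"  # e.g. WHERE name = 'alice'
    SEARCH = "search"        # e.g. WHERE note LIKE '%term%'


class FilterError(ValueError):
    """Raised when a value violates the policy for its variable type."""


# Assumed policy: a numeric variable must be an optionally signed decimal integer.
_NUMERIC_RE = re.compile(r"-?[0-9]+")
_SEARCH_MAX_LEN = 64  # assumed upper bound on a search term


def filter_value(value: str, vtype: VarType) -> str:
    """Apply the per-type filter policy and return the value that may reach the sink."""
    if vtype is VarType.NUMERIC:
        if not _NUMERIC_RE.fullmatch(value):
            raise FilterError(f"numeric variable expected, got {value!r}")
        return value
    if vtype is VarType.CHARACTER:
        # Character variables are passed as bound parameters below, so the
        # filter only rejects what a driver cannot carry faithfully.
        if "\x00" in value:
            raise FilterError("NUL byte in character variable")
        return value
    if vtype is VarType.SEARCH:
        # Search variables end up inside a LIKE pattern: escape the wildcards
        # so user input cannot widen the pattern (paired with ESCAPE '\' below).
        escaped = value.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
        if len(escaped) > _SEARCH_MAX_LEN:
            raise FilterError("search term too long")
        return escaped
    raise FilterError(f"unknown variable type {vtype!r}")


def build_demo_db() -> sqlite3.Connection:
    """In-memory table with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, note TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "quality assurance"),
         (2, "bob", "100% cotton"),
         (3, "carol", "a_b")],
    )
    return conn


# Each sink calls filter_value() first; that call stands in for the filter the
# paper's scheme inserts automatically before the database operation.
def lookup_user_by_id(conn, raw_id: str) -> list:
    user_id = int(filter_value(raw_id, VarType.NUMERIC))
    rows = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,))
    return [r[0] for r in rows]


def lookup_user_by_name(conn, raw_name: str) -> list:
    name = filter_value(raw_name, VarType.CHARACTER)
    rows = conn.execute("SELECT id FROM users WHERE name = ?", (name,))
    return [r[0] for r in rows]


def search_users_by_note(conn, raw_term: str) -> list:
    term = filter_value(raw_term, VarType.SEARCH)
    rows = conn.execute(
        "SELECT name FROM users WHERE note LIKE ? ESCAPE '\\' ORDER BY id",
        (f"%{term}%",),
    )
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = build_demo_db()
    print(lookup_user_by_id(db, "1"))            # ['alice']
    print(lookup_user_by_name(db, "alice' --"))  # [] : the quote stays literal data
    print(search_users_by_note(db, "_"))         # ['carol'] : '_' is not a wildcard here
    try:
        lookup_user_by_id(db, "1 OR 1=1")
    except FilterError as err:
        print("rejected:", err)                  # numeric filter refuses non-digits
```

The three sinks show the three policies the abstract distinguishes: the numeric filter rejects anything that is not an integer before the query is built, the character filter hands the value to the driver as a bound parameter so quotes remain data, and the search filter escapes `%` and `_` so a user-supplied term cannot turn into a broader pattern than intended.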