网络与信息安全学报 (Nov 2016)

Research on the SQL injection filtering based on SQL syntax tree

  • Chen-wang HAN, Hui LIN, Chuan HUANG

DOI
https://doi.org/10.11959/j.issn.2096-109x.2016.00113
Journal volume & issue
Vol. 2, no. 11
pp. 70 – 77

Abstract

As Web applications develop, they are being used in more and more areas. The accompanying security problems are becoming more and more serious, especially SQL injection attacks, which pose a huge challenge to Web application security. A new SQL injection filtering method is proposed that detects SQL injection attacks by introducing a security strategy based on the SQL syntax tree into the design of user input filtering. The experimental results show that the method can effectively prevent SQL injection attacks, with a higher recognition rate and a lower false positive rate.

Keywords