Research on Real-time Online Intelligent Detection Technology of SQL Injection Behavior

 In order to solve the problem that traditional methods cannot achieve a good balance between the accuracy and efficiency of SQL injection behavior detection in the real-time high-speed network traffic environment， this paper proposes a method for real-time detection method of SQL injection behavior based on deep learning construction model, and constructs a detection network model called SQLNN based on Convolutional Neural Networks (CNN) and introduces a fast Fourier transform layer. Based on this model, an online detection and adaptive training framework for SQL injection behavior is proposed. For our detection framework, the detection accuracy of the SQL injection statements reaches 99.98%, and it can detect about 10 000 packets containing SQL statements per second. Therefore, it can satisfy the requirements of real-time online detection of SQL injection attacks for detection accuracy and efficiency.

Keywords:  SQL injection,  real-time detection,  Convolutional Neural Networks(CNN),  Fast Fourier Transformation(FFT)

WANG D，ZHAO W B，DING Z M. Review of detection for injection vulnerability of web applications [J]. Journal of Beijing University of Technology，2016，42(12)：1822—1832.(In Chinese)

HALFOND W G J，ORSO A. AMNESIA：analysis and monitoring for neutralizing SQL-injection attacks [C]//The Proceedings of the 20th IEEE/ACM International Conference on Automated Software Engineering. Long beach，California：ACM，2005：174—183.

ZHANG Z. SQL injection attack techniques and countermeasures analysis [D].Shanghai：School of Information Security Engineering，Shanghai Jiaotong University，2007：52—64.(In Chinese)

FANG S. Research and implementation of web application firewall based on feature matching[D]. Hefei：School of Computer Science and Technology，Anhui University，2014：36—47.(In Chinese)

SUN Y，HU Y J，HUANG H. SQL injection attack detection method based on sequence alignment [J].Computer Application Research， 2010，27(9)：3525—3528.(In Chinese)

SHI C C，ZHANG T，YU Y. Research and Implementation of SQL injection protection method based on syntax tree feature matching[C]//Proceedings of 2010 The 3rd International Conference on Computational Intelligence and Industrial Application. Wuhan： IEEE，2010：192—196.(In Chinese)

WANG J. Research on SQL injection defense based on abstract syntax -tree[D]. Wuhan：Wuhan Institute of Posts and Telecommunications，2018：28—40.(In Chinese)

JOSHI A，GEETHA V. SQL injection detection using machine learning[C]//2014 International Conference on Control，Instrumentation， Communication and Computational Technologies (ICCICCT). Tamilnadu，India：IEEE，2014：1111—1115.

ZHANG D F. SQL injection detection based on machine learning[D].Chongqing：School of Computer，Chongqing University of Posts and Telecommunications，2017：31—45.(In Chinese)

KIMM Y，DONG H L. Data-mining based SQL injection attack detection using internal query trees[J]. Expert Systems with Applications，2014，41(11)：5416—5430.

ZHAOY F，XIONG G，HE L T，et al. SQL injection behavior detection method for network environment [J]. Journal of Communications，2016，37(2)：88—97.(In Chinese)

ZHANG Z C. Research and implementation of SQL injection attack vulnerability detection based on neural network [D]. Beijing： School of Computer，Beijing University of Technology，2016：17— 26.(In Chinese)

ZHANG Z C，WANG D，ZHAO W B，et al. A SQL injection vulnerability detection model based on neural network [J].Computer and Modernization，2016(10)：67—71.(In Chinese)

FANG Z Q. Research on cross-site scripting attack detection based on deep learning[D]. Changsha：School of Information Science and Engineering，Hunan University，2018：33—43.(In Chinese)