CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 12714 > Article
Paper
26 June 2023 SQLDAF: SQL injection attack active defense system based on randomized method pool
Anqi Wang, Bei Yang, Jianhui Zhang, Yongxu Xing
Author Affiliations +
Proceedings Volume 12714, International Conference on Computer Network Security and Software Engineering (CNSSE 2023); 127140O (2023) https://doi.org/10.1117/12.2683433
Event: Third International Conference on Computer Network Security and Software Engineering (CNSSE 2023), 2023, Sanya, China
Abstract
Data is the most valuable resource of the Internet, attackers often use SQL injection attacks to destroy the database in order to obtain important data information in the database, and today's attack scene is complex, dynamic, multi-channel, non-linear, the existing defense detection technology cannot cope with unknown attacks, the existing instruction set randomization method may be broken by force. Aiming at the above problems, an active defense system of SQL injection attack based on randomization method pool is proposed. The randomization method pool and parallel executor are introduced to build the system framework. The result is decided whether to forward to the database after the decision maker votes, which no longer depends on prior knowledge. The attacker cannot use the system information obtained before to carry out the next effective attack. The formal representation and experimental results show that this method can effectively defend against SQL injection attacks.
© (2023) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Anqi Wang, Bei Yang, Jianhui Zhang, and Yongxu Xing "SQLDAF: SQL injection attack active defense system based on randomized method pool", Proc. SPIE 12714, International Conference on Computer Network Security and Software Engineering (CNSSE 2023), 127140O (26 June 2023); https://doi.org/10.1117/12.2683433
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 7 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Defense and security
Databases
Defense systems
Defense technologies
Design and modelling
Information security
Network security
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top