一种新型SQL注入攻击的研究与防范
首发时间:2015-10-21
摘要:针对一种以HTTP Headers为途径的新型SQL注入攻击进行了深入研究。通过分析具体的SQL注入实例,揭示了该新型SQL注入攻击的原理,并提出了针对此类攻击的防范手段。通过ip过滤,数据校验,机器学习等手段建立了一套完整的防御模型,且该模型具有低侵入、易实现、高可用、强扩展等优点。
关键词: 计算机网络 新型SQL注入攻击 HTTP Headers 漏洞 防御模型
For information in English, please click here
Research and defense of a new type of SQL injection attack
Abstract:In this paper, a new type of SQL Injection attack through HTTP Headers is studied. Through analysising an example of the SQL Injection attack,the principle of the new type of SQL Injection attack is revealed, and the defense for the new type of SQL Injection attack is proposed. A defense model is established via such means as the IP filtering, data validation and machine learning, and this model has such advantages as low invasive, easy realization, high availability and strong expandability.
Keywords: Computer networks A new type of SQL Injection attack HTTP Headers Defense model
基金:
论文图表:
引用
No.4656939109752914****
同行评议
共计0人参与
勘误表
一种新型SQL注入攻击的研究与防范
评论
全部评论0/1000