基于爬虫的SQL注入漏洞检测技术的研究
首发时间:2017-09-13
摘要:SQL注入是当今危害比较大的威胁之一,被攻击者利用的手段也是层出不穷。针对这种情况,如何准确迅速的检测SQL注入就成为大家研究的热点。本文首先介绍了Web crawler和SQL注入的技术原理,然后在此基础上对其进行了改进,提高爬取网页的效率,接着在传统SQL注入的检测方法上加入了绕过WAF的机制,提高了SQL注入的准确度。最后通过实验证明了有效性。
For information in English, please click here
Research on SQL Injection detection based on Web crawler
Abstract:SQL injection is one of today\'s relatively dangerous threats, the use of the means by attackers is endless. In view of this situation, how accurate and rapid detection of SQL injection has become a hot spot for everyone to study. This paper first introduces the knowledge of crawlers and SQL injection, then improves the crawler on the basis of the traditional crawler, improves the efficiency of crawling the webpage, and then adds the method to bypass the WAF in the traditional SQL injection detection method. The accuracy of SQL injection. Finally, the experiment proves the validity.
Keywords: information security Web crawler SQL injection WAF bypass
基金:
引用
No.****
动态公开评议
共计0人参与
勘误表
基于爬虫的SQL注入漏洞检测技术的研究
评论
全部评论0/1000