异构数据库具有数据量规模庞大、多样性等特点。在高并发条件下,数据库系统会承受大量的查询请求,使得检测出SQL注入攻击数据不具备实时效应。因此,提出高并发异构数据库SQL注入攻击检测方法。通过清洗异构数据库,采用主成分分析方法对数据降维;采用词频-逆文档频率(Term Frequency Inverse Document Frequency,TFIDF)算法对异构数据库攻击数据量化,并提取攻击特征;结合支持向量机(Support Vector Machine,SVM)方法对特征分类,实现异构数据库SQL注入攻击检测。实验结果表明,上述方法检测SQL注入攻击时,当待检测数据量较大时,耗时仅为53ms,且能够适配于所有SQL注入攻击类型。
High Concurrency Heterogeneous Database SQL Injection Attack Detection Method and Simulation
Generally,heterogeneous databases have the characteristics of large data volume and diversity.Under high concurrency,the database system may have to accept many query requests,so it is impossible to detect SQL in-jection attacks in real-time.Therefore,a method for detecting SQL injection attacks in high-concurrency heterogene-ous databases was proposed.Firstly,the method cleaned up the heterogeneous database and used principal component analysis to reduce the dimensionality of data.Then,the TFIDF(Term Frequency Inverse Document Frequency)algo-rithm was adopted to quantify the attack data in the heterogeneous database and extract the attack features.Finally,the SVM(Support Vector Machine)method was used to classify the features,thus detecting SQL injection attacks in the heterogeneous database.Experimental results show that when the amount of the data to be detected is large,the method only takes 53ms to detect SQL injection attacks,so it can adapt to all types of SQL injection attacks.
High-concurrency conditionHeterogeneous databaseInjection attackReal-time detectionConstruc-tion of detection model
万方数据
维普
