SQL注入攻击及其防范检测技术研究

计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (11): 150-152.

SQL注入攻击及其防范检测技术研究

陈小兵张汉煜骆力明黄河

海军装备研究院信息技术工程研究所北京航空航天大学软件学院北京航空航天大学软件学院

收稿日期:2006-05-15 修回日期:1900-01-01 出版日期:2007-04-11 发布日期:2007-04-11
通讯作者: 陈小兵

Research On the Technique of SQL Injection Attacks and Detection

XiaoBing Chen

Chen Xiaobing (College of Software Beihang University 100083)
Luo Liming (College of Information Engineering Capital Normal University 100081)
Huang He (College of Software Beihang University 100083)

Received:2006-05-15 Revised:1900-01-01 Online:2007-04-11 Published:2007-04-11
Contact: XiaoBing Chen

摘要/Abstract

摘要： 本文简要介绍了SQL注入攻击的原理，SQL注入攻击实现过程，配合网页木马实施网络入侵的方法，给出了SQL注入攻击的检测方法，并在此基础上给出了一种SQL注入攻击的自动防范模型。

关键词: SQL注入攻击防范检测技术网页木马

Abstract: This paper introduces the theory of SQL injection attacks and the process of implement .The detecting technique of sql injection attacks is investigated through combining with the Trojan-horses invading means of web. On this basis, a model of automatically detecting against sql injection attacks is concluded.

Key words: SQL Injection attacks, Detection Technique, Web Trojan-horse

陈小兵张汉煜骆力明黄河. SQL注入攻击及其防范检测技术研究[J]. 计算机工程与应用, 2007, 43(11): 150-152.

XiaoBing Chen. Research On the Technique of SQL Injection Attacks and Detection[J]. Computer Engineering and Applications, 2007, 43(11): 150-152.