计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (11): 150-152.

• 网络、通信与安全 • 上一篇    下一篇

SQL注入攻击及其防范检测技术研究

陈小兵 张汉煜 骆力明 黄河   

  1. 海军装备研究院信息技术工程研究所 北京航空航天大学软件学院 北京航空航天大学软件学院
  • 收稿日期:2006-05-15 修回日期:1900-01-01 出版日期:2007-04-11 发布日期:2007-04-11
  • 通讯作者: 陈小兵

Research On the Technique of SQL Injection Attacks and Detection

XiaoBing Chen   

  1. Chen Xiaobing (College of Software Beihang University 100083)
    Luo Liming (College of Information Engineering Capital Normal University 100081)
    Huang He (College of Software Beihang University 100083)
  • Received:2006-05-15 Revised:1900-01-01 Online:2007-04-11 Published:2007-04-11
  • Contact: XiaoBing Chen

摘要: 本文简要介绍了SQL注入攻击的原理,SQL注入攻击实现过程,配合网页木马实施网络入侵的方法,给出了SQL注入攻击的检测方法,并在此基础上给出了一种SQL注入攻击的自动防范模型。

关键词: SQL注入攻击 防范检测技术 网页木马

Abstract: This paper introduces the theory of SQL injection attacks and the process of implement .The detecting technique of sql injection attacks is investigated through combining with the Trojan-horses invading means of web. On this basis, a model of automatically detecting against sql injection attacks is concluded.

Key words: SQL Injection attacks, Detection Technique, Web Trojan-horse