SQL Injection Behavior Detection Method Based on AOP and Dynamic Taint Analysis

HE Cheng-wan; YE Zhi-peng

doi:10.3969/j.issn.0372-2112.2019.11.025

您当前的位置：

首页 >

文章列表页 >

SQL Injection Behavior Detection Method Based on AOP and Dynamic Taint Analysis

更新时间：2025-07-16

- SQL Injection Behavior Detection Method Based on AOP and Dynamic Taint Analysis
- Acta Electronica Sinica Vol. 47, Issue 11, Pages: 2413-2419(2019)
- 作者机构：
  
  武汉工程大学计算机科学与工程学院,湖北,武汉,430205
- 作者简介：
- 基金信息：
  
  National Natural Science Foundation of China (No.61272115)
- DOI：10.3969/j.issn.0372-2112.2019.11.025
  CLC： TP309.2
- Published Online：25 November 2019，
  
  Published：2019
- 稿件说明：
移动端阅览
HE Cheng-wan, YE Zhi-peng. SQL Injection Behavior Detection Method Based on AOP and Dynamic Taint Analysis[J]. Acta Electronica Sinica, 2019, 47(11): 2413-2419.
DOI：

HE Cheng-wan, YE Zhi-peng. SQL Injection Behavior Detection Method Based on AOP and Dynamic Taint Analysis[J]. Acta Electronica Sinica, 2019, 47(11): 2413-2419. DOI： 10.3969/j.issn.0372-2112.2019.11.025.

摘要

Web应用程序时刻面临着来自网络空间中诸如SQL注入等代码注入式攻击的安全威胁.大多数针对SQL注入攻击的检测方法执行效率较低，检测精度也不够高，特别是实现方法不易被重用.根据注入型脆弱性特征提出了一种基于AOP（Aspect-Oriented Programming）和动态污点分析的SQL注入行为检测方法，并通过方面（aspect）模块化单元对污点分析过程进行了封装，使得安全这类典型的程序横切关注点从基层子系统中分离，提高了检测代码的可重用性.在污点汇聚点结合通知（advice）机制动态加载各类检测组件实现在运行时执行检测代码，从而应对SQL注入这类典型的针对Web应用程序的代码注入攻击方式.实验表明，该方法能够在不修改应用程序执行引擎及源码的前提下实现自保护过程，有效防御重言式（tautologies）、逻辑错误查询（logically incorrect queries）、联合查询（union query）、堆叠查询（piggy-backed queries）、存储过程（stored procedures）、推理查询（inference query）、编码转换（alternate encodings）等7种典型的SQL注入攻击类型.

Abstract

Web applications are constantly exposed to security threats from code injection attacks such as SQL injection in cyberspace.At present

most detection methods against SQL injection attacks have low execution efficiency and low detection accuracy

and are not easy to be reused.According to the characteristics of injection vulnerability

a SQL injection behavior detection method based on aspect-oriented programming and dynamic taint analysis is proposed

the taint analysis process is encapsulated by the aspect unit

so that the typical program crosscutting-concerns are separated from the base system

which improves the reusability of detection code.The Advice mechanism is used to dynamically load the various detection component implementations to execute the detection code at runtime to counter typical code injection attacks such as SQL injection against Web applications.Experiments show that this method can realize the self-protection process without modifying the application execution engine and source code

so as to effectively defend against seven typical types of SQL injection attacks such as tautologies

logically incorrect queries

union query

piggy-backed queries

stored procedures

inference query

alternate encodings

and so on.

关键词

Keywords

references

Views

149

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Cache-Based Side-Channel Vulnerability Detection Based on Symbolic Execution

A Full Automatic Detection Method for Security Policy of JVM Run-Time Library

Related Author

YANG Chao

GUO Yun-fei

HU Hong-chao

LIU Wen-yan

HUO Shu-min

WANG Ya-wen

WU Rong-hui

WANG Ning

Related Institution

国家数字交换系统工程技术研究中心

School of Information Science and Engineering, Hunan University

⁰