计算机工程2012,Vol.38Issue(18):111-115,5.DOI:10.3969/j.issn.1000-3428.2012.18.030
基于网页DOM树比对的SQL注入漏洞检测
SQL Injection Vulnerability Detection Based on Webpage DOM Tree Comparison
张晨 1汪永益 1王雄 1施凡1
作者信息
- 1. 电子工程学院网络工程系,合肥230037
- 折叠
摘要
Abstract
Aiming at the problem that traditional SQL injection vulnerability detection results have low accurateness, this paper presents a detection method based on the comparison results of the Webpage's Document Object Model(DOM) tree. By simplifying the Web comparison algorithm based on node sequences, it reduces the number of node compare times, and accelerates the detection. A corresponding SQL injection vulnerability detection prototype system is designed and implied. Experimental results indicate that the system has high detection efficiency and accurateness.
关键词
网页比对/SQL注入/注入漏洞检测/文档对象模型树/DOM树快速比对Key words
Webpage comparison/ SQL injection, injection vulnerability detection/ Document Object Model(DOM) tree/ fast DOM tree comparison分类
信息技术与安全科学引用本文复制引用
张晨,汪永益,王雄,施凡..基于网页DOM树比对的SQL注入漏洞检测[J].计算机工程,2012,38(18):111-115,5.
