计算机与数字工程2024,Vol.52Issue(10):3037-3041,3078,6.DOI:10.3969/j.issn.1672-9722.2024.10.032
基于时序网络的SQL注入攻击检测技术
SQL Injection Attack Detection Technology Based on Timing Network
孟心炜 1曾天宝 2谢波 3张中延4
作者信息
- 1. 华中师范大学数统学院 武汉 430079
- 2. 湖北商贸学院 武汉 430079
- 3. 武汉数字工程研究所 武汉 430205
- 4. 华中科技大学机械学院 武汉 430074
- 折叠
摘要
Abstract
With the rapid development of modern information technology,injection vulnerabilities have been at the top of the top 10 of open Web application security projects for many years,and are one of the most damaging and widely exploited types of vul-nerabilities against Web applications.Structured query language(SQL)injection attack detection is still a challenging problem due to the heterogeneity of attack loads,the diversity of attack methods and the diversity of attack modes.At present,most of the main-stream SQL injection detection tools on the market are based on established rules and cannot meet the changing challenges.In this regard,this paper proposes a deep learning method,which uses context embedding model(BERT)to extract data set features,then uses BiLSTM's sequence modeling capability to further process sequence data,capture contextual dependencies and semantic rela-tionships,and finally uses attention mechanism as a classification algorithm.Experiments show that the proposed algorithm has a re-markable improvement in detection performance.关键词
深度学习/SQL注入攻击/BERT/注意力机制Key words
deep learning/SQL injection attack/BERT/Attention mechanism分类
信息技术与安全科学引用本文复制引用
孟心炜,曾天宝,谢波,张中延..基于时序网络的SQL注入攻击检测技术[J].计算机与数字工程,2024,52(10):3037-3041,3078,6.
