Title :
A database security gateway to the detection of SQL attacks
Author :
Ruzhi, Xu ; Jian, Guo ; Liwu, Deng
Author_Institution :
Sch. of Control & Comput. Eng., North China Electr. Power Univ., Beijing, China
Abstract :
With the rapid development of Internet, more and more web applications based on database appeared, thus the databases face the threats. Because of the SQL attacks, people pay much attention to the security of database on the internet. This paper presents a solution that is a database security gateway deployed between web server and database server. The paper describes the architecture of the database security gateway, and focuses on the research of the attack protection module, including the construction of secure rules library, the process of SQL statements filtering, the improvement and application of Sunday pattern matching algorithm. The database security gateway has been carried out in power industry and has good effect.
Keywords :
Internet; SQL; internetworking; network servers; pattern matching; security of data; Internet; SQL attack detection; attack protection module; database security gateway; database server; secure rules library; standard query language; sunday pattern matching algorithm; web application; web server; Browsers; Distributed databases; Fires; Logic gates; Protocols; Security; SQL filtering; attack protection module; pattern matching; secure rules library;
Conference_Titel :
Advanced Computer Theory and Engineering (ICACTE), 2010 3rd International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-6539-2
DOI :
10.1109/ICACTE.2010.5579595
