针对传统Web应用防火墙规则库过于庞大、且无法识别新的SQL注入变种攻击,通过深入分析和提取SQL注入的特征,提出了一种基于免疫机理的检测和防护算法.分别设计了基于模式匹配的静态检测模块和基于否定选择算法的动态检测模块,对检测器的生成算法做了改进,并引入基于MapReduce并行化处理机制加快了检测器的生成效率,实验仿真结果验证了该算法的正确性和有效性.%According to the fact that traditional Web application firewall rule base is too large, and can not recognize the new variant of SQL inj ection attacks(SQLIAs),through analyzing and extracting features of SQL injection,an SQLIAs detection and prevention algorithm based on im-mune mechanism is proposed.In this paper,we design the static detection pattern matching mod-ule and dynamic detection module based on negative selection algorithm.In the proposed algo-rithm,the method of generating detector is improved,and the parallel processing mechanism is put foward to accelerate the generation efficiency of the detector based on MapReduce.Experi-mental results verify the correctness and effectiveness of the algorithm.
展开▼
