首页>
外国专利>
System, method and program product for detecting SQL queries injected into data fields of requests made to applications
System, method and program product for detecting SQL queries injected into data fields of requests made to applications
展开▼
机译:用于检测注入到对应用程序的请求的数据字段中的SQL查询的系统,方法和程序产品
展开▼
页面导航
摘要
著录项
相似文献
摘要
System, method and program product for detecting a malicious SQL query in a parameter value field of a request. The parameter value field is searched for query operands, characters and/or symbols and combinations of query operands, characters and/or symbols indicative of malicious SQL injection. A respective score assigned to each of the query operands, characters and/or symbols or combinations of query operands, characters and/or symbols found in the parameter value field is added to yield a total score for at least two of the query operands, characters and/or symbols or combinations of query operands, characters and/or symbols found in the parameter value field. Responsive to the total score exceeding a threshold, the request is blocked.
展开▼