首页>
外国专利>
Machine learning detection of database injection attacks
Machine learning detection of database injection attacks
展开▼
机译:机器学习检测数据库注射攻击
展开▼
页面导航
摘要
著录项
相似文献
摘要
Techniques and solutions are described for detecting malicious database activity, such as SQL injection attempts. A first machine learning classifier can be trained by comparing processed and unprocessed user input, where a difference between the two can indicate suspicious or malicious activity. The trained classifier can be used to analyze user input before query execution. A second machine learning classifier is trained with a data set that includes call stack information for an application requesting execution of a dynamic query and query statistics associated with processing of the query at the database. The query of the application can be correlated with a corresponding database query by hashing the application query and the database query and comparing the hash values, where matching hash value indicate a common query. The trained classifier can monitor execution of future queries to identify queries having anomalous patterns, which may indicate malicious or suspicious activity.
展开▼