Data is the most valuable resource of the Internet, attackers often use SQL injection attacks to destroy the database in order to obtain important data information in the database, and today's attack scene is complex, dynamic, multi-channel, non-linear, the existing defense detection technology cannot cope with unknown attacks, the existing instruction set randomization method may be broken by force. Aiming at the above problems, an active defense system of SQL injection attack based on randomization method pool is proposed. The randomization method pool and parallel executor are introduced to build the system framework. The result is decided whether to forward to the database after the decision maker votes, which no longer depends on prior knowledge. The attacker cannot use the system information obtained before to carry out the next effective attack. The formal representation and experimental results show that this method can effectively defend against SQL injection attacks.
Log anomaly detection based on deep learning is one of the research hotspots in the field of computer security. It is foreseeable that the mimicry theory proposed by Academician Wu Jiangxing will further improve the detection capabilities of deep learning models, but will also bring high resource consumption and difficulty in application. Therefore, this paper proposes a mimic model construction method that uses the output of complex models as prior knowledge to train lightweight heterogeneous execution bodies and then integrates them. Finally, it is based on DPCNN and TextCNN as complex models and lightweight executions respectively. The experiment of the body structure mimic model proves that while reducing the number of parameters from millions to thousands, its detection accuracy and F1 value are only about 2% and 4% lower than the original model, which greatly retains the original model. The detection capability.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.