Find in Library

The development of Web application make its areas become more and more widely.Followed by a security problem is becoming more and more serious,especially for the SQL injection attacks,which bring a huge challenge to the Web application security.A new SQL injection filtering method was proposed to detect SQL injection attack by introducing a security strategy based on SQL syntax tree to the design of the user input filtering.The experimental results show that the method can effectively prevent SQL injection attacks,and has higher recognition rate and lower rate of false positives.