CAJ | 학술논문

随着计算机网络技术的飞速发展,人们对无处不在的网络依赖程度越来越高,随之而来的一系列网络安全问题也越来越受到人们的重视.目前,SQL注入攻击已成为了黑客攻击的主要手段之一.文章介绍了SQL注入原理,对产生SQL注入原因以及实战中遇到的常见SQL注入攻击方式进行了深入研究,并在实际渗透测试的实践基础上提出一种新的SQL注入检测技术及工具实现,为日后测试SQL注入攻击提供有力的技术支持,为信息系统在SQL注入防御方面提供有力保障.
수착계산궤망락기술적비속발전,인문대무처불재적망락의뢰정도월래월고,수지이래적일계렬망락안전문제야월래월수도인문적중시.목전,SQL주입공격이성위료흑객공격적주요수단지일.문장개소료SQL주입원리,대산생SQL주입원인이급실전중우도적상견SQL주입공격방식진행료심입연구,병재실제삼투측시적실천기출상제출일충신적SQL주입검측기술급공구실현,위일후측시SQL주입공격제공유력적기술지지,위신식계통재SQL주입방어방면제공유력보장.
With the rapid development of computer network technology, the human is more and more reliance on the ubiquitous network, and a series of network security problem that make people pay more attention on it. At present, the SQL injection attack has become one of the primary means of hacking by hackers. This paper introduces the principle of SQL injection, depth study on the cause of SQL injection and actual combat encounter common SQL injection attack, proposed a new SQL injection detection techniques and tools to achieve in practice on the basis of actual penetration testing, and provides strong technical support for future testing SQL injection attacks or provides powerful guarantee for the information system in the SQL injection defense.