CN118535951A - SQL attack identification method and system based on deep learning dynamic target range feature fusion - Google Patents

Abstract

The present invention discloses a SQL attack identification method and system based on deep learning dynamic target range feature fusion, including: S1, building a target server to simulate a real SQL injection attack and obtain an injection attack sample; S2, decoding and detecting the obtained injection attack sample data packet to obtain an injection attack statement text data set; S3, combining the word frequency text frequency index and the SuperTerm_Vector word vector algorithm, converting the text data of the injection attack statement in the data set into the corresponding numerical feature; S4, using the injection attack statement numerical vector feature input LC-CNN model for classification model training; S5, using the trained LC-CNN model to identify the test data and determine whether there is an SQL attack. The present invention has achieved significant advantages in training efficiency and classification accuracy, and has good robustness and generalization ability as a whole.

Description

SQL attack identification method and system based on deep learning dynamic target range feature fusion

Technical Field

The present invention relates to a SQL attack identification method based on deep learning dynamic target range feature fusion, which specifically belongs to the intersection technology of network security and artificial intelligence deep learning.

Background Art

With the widespread use of Web systems and the huge value created by big data, database security issues are attracting more and more attention. Among the many security risks faced by databases, Web applications are vulnerable to SQL injection attacks during operation. SQL injection attackers obtain sensitive information of web sites by injecting malicious SQL statements. When these statements are input into the backend for execution, they will attack the database, thereby obtaining the permissions of the underlying database of the application, allowing attackers to freely access the database and the potential information it contains, such as stealing database information, personal privacy data, user passwords, etc., and then achieve arbitrary malicious deletion and tampering, etc., which brings security threats to Web system data, user privacy or sensitive data. According to the data published by the latest national information security vulnerability database, SQL injection vulnerabilities currently account for 11.67% of Web vulnerabilities reported on the Internet. Therefore, it is crucial to detect and defend against SQL injection attacks.

The datasets used in SQL injection detection research include public datasets, custom datasets, and datasets that are a mixture of public and custom datasets. Traditional SQL injection detection methods mainly rely on techniques such as rule matching and feature extraction, but these methods are often difficult to adapt to the ever-changing attack methods. Machine learning, as an emerging technology, can learn and analyze large amounts of data to identify and predict unknown attack methods, but how to obtain large amounts of reliable data is a difficult problem. In addition, although research on SQL injection attack identification and feature extraction has made important progress in recent years, and various models have their own advantages in detecting SQL injection attacks, there are still some key issues that need to be resolved, including:

(1) Data imbalance. In actual application scenarios, normal queries far outnumber malicious queries, which will directly affect the model during the learning process and tend to classify most queries as normal queries, directly leading to the problem of data imbalance. In addition, attackers can construct malicious SQL queries in a variety of ways to bypass detection, thereby reducing the ability to identify malicious queries.

(2) Attack diversity and variability. This is a serious problem for models that rely on known samples. It is possible that legitimate queries are mistakenly marked as malicious attacks, resulting in a high false positive rate, while some malicious queries are not detected, resulting in a high false negative rate. This further weakens the accuracy and reliability of the prediction, resulting in missed attacks or high false positive rates.

In addition, the current publicly available SQL injection attack datasets are very limited. This is mainly due to legal and data security restrictions, as well as the data protection policies of website owners. Generally, website owners do not allow unauthorized scanning and attack behaviors, and they often use data encryption technology to protect the transmission of sensitive information. These factors make it difficult to publicly obtain SQL injection attack data. Even if there are some public datasets, these datasets may only contain limited types of SQL injection attack samples, lack sufficient variation and complexity, and cannot fully reflect the various forms and techniques of SQL injection attacks. There is also a problem of insufficient diversity, which cannot meet the needs of extensive research and experiments.

Summary of the invention

The technical problem solved by the present invention is: to provide a SQL attack identification method based on deep learning dynamic target range feature fusion to address the problems of missed detection and high false alarm rate caused by limited publicly available SQL injection attack data sets collected in existing network SQL attack detection.

The present invention is implemented by the following technical solutions:

On the one hand, a SQL attack identification method based on deep learning dynamic target range feature fusion is provided, comprising the following steps:

S1. Build a targeted server to simulate a real SQL injection attack and obtain injection attack samples;

S2, decoding and detecting the acquired injection attack sample data packets, obtaining the injection attack sentence text data set, and performing word segmentation processing on the injection attack sentences in the text data set;

S3, combining the word frequency index and the SuperTerm_Vector word vector algorithm to process the text data set after word segmentation, and convert the text data of the attack sentence injected in the data set into the corresponding numerical vector features;

S4, combining the numerical vector features of the injection attack statements obtained by S3 and the numerical vector features of the normal SQL query statements as a training data set, and inputting them into the LC-CNN model for classification model training, wherein the LC-CNN model is provided with two convolutional layers, the convolutional layers are connected to a flattening layer, and then to a fully connected layer;

S5. Use the LC-CNN model trained in S4 to identify the test data and determine whether there is a SQL attack.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, in step S1, the PHP Study tool is used to establish a simulation environment, a local sqli-libs target range server is built, the SQLMAP interface function is used to detect and scan the WEB application in the local target range server, the SQLMAP automation tool is used to simulate and automatically execute SQL injection attacks, and the real and effective injection data is captured by the Wireshark packet capture tool to obtain injection attack samples.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, in step S2, the encrypted data in the injection attack sample data packet obtained by S1 is identified and decoded, and the injection attack sample data is judged in turn whether it belongs to the Base64 decoding format and the Unicode decoding format, and is decoded and converted into the UTF-8 encoding format to output the injection attack statement text, and the output injection attack statement text is simplified, the decimal numbers therein are converted into 0×12, the date and time are replaced with 1-1-1, only one rewritten keyword is retained, and the noise characters in the injection attack statement are deleted.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, step S2 uses a space segmentation method to perform word segmentation on the decoded injection attack statement, divides the SQL injection attack statement into a string sequence, and adds spaces before and after it.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, in step S3, the word frequency text frequency index is calculated by the following formula:

TF-IDF＝TF×IDF，

Where TF-IDF represents the term frequency index, TF(i) represents the frequency of word i in the text, IDF(i) represents the importance index of word i, Total(i) represents the frequency of word i in the injected attack sentence, Total represents the total number of words in the injected attack sentence, T(i) represents the frequency of sentences containing word i, and φ represents the offset.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, the SuperTerm_Vector word vector algorithm represents each word in the injected attack sentence as a vector, and maps the input text data to a multidimensional space, including the following process:

Build a corpus, collect public text data as the corpus, and preprocess the text data in the corpus, including word segmentation, punctuation removal, conversion to lowercase, and stop word removal to obtain clean text data;

Build a vocabulary from the preprocessed corpus, containing all the unique words that appear in the corpus;

Construct training samples based on the vocabulary. Each training sample consists of a central word and its surrounding context words.

Define the model structure, select the Skip-gram model to predict the surrounding context words through the central word, input the training samples into the defined Skip-gram model structure for training, and use the negative log-likelihood loss function to maximize the probability of predicting the context words to adjust the model parameters during the training process;

Obtain word vectors. Input the text dataset after word segmentation in step S2 into the trained Skip-gram model. Each word in the text dataset is mapped to the word vector space. Each word is represented as a length vector of the corresponding mapping. According to the principle that words with close similarity in the semantic space in the injection attack sentence are also close in distance in the vector space, the distance of the spatial word vectors is calculated in the following way:

The injection attack sentence contains n words w ₁ , w ₂ , w , ... , w _n . The word vector list of all words in the attack sentence in the SuperTerm_Vector algorithm is represented as v ₁ , v ₂ , v ₃ , ... , v _n . The cosine similarity (v _μ , v _v ) of two word vectors v _μ and v _v is calculated using the following formula:

Where · represents the dot product of the vectors, ||v _μ || and ||υ _ν || represent the norms of the word vectors v _μ and v _v , respectively. The similarity between different words in the injected attack sentence is calculated based on the cosine similarity, and the distance between different words in the word vector space is obtained accordingly.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, for each word in the injection attack sentence, its corresponding spatial word vector is multiplied by TF-IDF to obtain the weighted word vector V′ _w of each word. The average weighted word vector of the injection attack sentence is expressed as n represents the number of words contained in the injection attack sentence, W represents the words contained in the injection attack sentence, and D represents the injection attack sentence. The average weighted word vector of the injection attack sentence is used as the numerical vector feature to train the LC-CNN model for classification.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, in step S4, the convolution layer adopts the ReLU function as the activation function, the fully connected layer adopts the Sigmoid function as the activation function, and the flattened layer adopts the Tanh function as the activation function.

In the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention, specifically, the LC-CNN model adds a model.compile() function to define the optimizer, loss function and evaluation index of the model, the optimizer adopts the Adam optimizer, the loss function uses binary cross entropy, the evaluation index includes accuracy, F1 value and confusion matrix, and the optimal model parameter setting is determined by determining the iteration with the highest classification accuracy during multiple iterative training of the classification model.

The present invention also discloses a SQL attack identification system based on deep learning dynamic target range feature fusion, including:

Data collection module, builds a target server to simulate real SQL injection attacks and obtain injection attack samples;

The data cleaning module decodes and detects the acquired injection attack sample data packets, obtains the injection attack sentence text data set, and performs word segmentation processing on the injection attack sentences in the text data set;

The feature extraction module combines the word frequency index and the SuperTerm_Vector word vector algorithm to process the text data set after word segmentation, and converts the text data injected into the attack statement in the data set into corresponding numerical features;

The LC-CNN classifier has a built-in LC-CNN model. The LC-CNN model has two convolutional layers, which are connected to a flattening layer and then to a fully connected layer. The classification model is trained by inputting a training data set composed of the numerical features of the injection attack statements of the feature extraction module and the numerical vector features of the normal SQL query statements. The trained LC-CNN model is then used to identify the test data to determine whether there is an SQL attack.

The present invention adopts the above technical solution to achieve the following beneficial effects:

(1) The present invention independently creates a SQL injection attack range, builds a local sqli-libs range server, and uses the global detection and automatic scanning functions based on the SQLMAP interface function to deeply detect and scan the local target machine WEB application, actively simulate SQL injection attacks and observe the response of the WEB application, collect attack data and vulnerability information, ensure that the data collection process is controlled, and can meet the needs of research and experiments, and realize the improvement of research and defense capabilities against SQL injection attacks. At the same time, it can also accurately control and monitor attack scenarios to ensure security and compliance. It helps to overcome the limitations of data acquisition and provide more comprehensive and diverse SQL injection attack data samples to meet the needs of research and experiments, and also helps to improve the prevention and detection capabilities of SQL injection attacks.

(2) The present invention uses the Wireshark tool to capture data from the local loopback network card. These data packets contain requests, responses, and transmission data during the attack process. Finally, because the captured data packets may contain encrypted or obfuscated information, it is necessary to identify and decode the encrypted data, detect the existence of SQL injection statements, and perform preprocessing such as word segmentation. Through these processing steps, clear and understandable data can be prepared, making it suitable for training and analysis of machine learning models, thereby improving the accuracy and adaptability of the model.

(3) The present invention uses a space segmentation method to divide the SQL injection statement into a string sequence, and adds spaces before and after it to maintain its integrity. This processing step helps to capture the occurrence position and context of special characters, facilitates a better understanding of the structure and grammar of the SQL injection attack statement, thereby identifying potential attack patterns, and provides clear and meaningful input data for the machine learning model, thereby improving the prevention and detection capabilities of SQL injection attacks.

(4) The present invention is a process of converting text data into structured data with numerical features. Since the word frequency text frequency index can more accurately reflect the information in the text data, and the SuperTerm_Vector word vector algorithm based on the Word2Vec word vector model can accurately improve its performance in capturing text semantics and contextual relationships, the present invention combines the word frequency text frequency index and the SuperTerm_Vector word vector algorithm to convert the text data of SQL injection attacks, and converts the data into numerical features that can be understood by the classification model, so as to ensure that the final structured data can be effectively used for the training of the classification model.

(5) The present invention adopts an improved LC-CNN model. First, two convolution layers are set up with a convolution kernel size of 64×1, a depth of 64, and a step size of 1. Then a flatten layer is connected, and finally a fully connected layer is connected. The number of parameters after the first round of convolution is 203,392. On this basis, another convolution layer is added to extract more features. The number of parameters after the second round of convolution is 1,056. In traditional CNN models, the pooling layer is usually used to reduce the number of parameters, but after two convolutions, the parameters are not suitable for pooling operations. Therefore, the present invention cancels the pooling layer and directly performs a flattening operation for subsequent binary classification. This design aims to enhance the model's ability to process one-dimensional text data and provide strong support for subsequent training tasks.

In summary, in response to the challenges of scarce SQL injection attack data sets and imperfect feature extraction, the present invention proposes a feature extraction model that integrates the word frequency text frequency index and the SuperTerm_Vector word vector algorithm, and conducts research in combination with a method of simulating attack scenarios with targeted servers. The standardized SQL injection data set is trained through machine learning technology, and the model parameters in the convolutional neural network are optimized. Compared with the traditional Web application source code SQL injection attack detection method, the present invention has achieved significant advantages in training efficiency and classification accuracy, and has achieved a detection effect of more than 90% in SQL attack action recognition and different graded vulnerability detection, and has good overall robustness and generalization ability.

The present invention is further described below in conjunction with the accompanying drawings and specific embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a flowchart of the steps of the SQL attack identification method based on deep learning dynamic target range feature fusion of the present invention.

FIG2 is a system schematic diagram of a SQL attack identification system based on deep learning dynamic target range feature fusion according to the present invention.

FIG3 is a schematic diagram of a confusion matrix of an LC-CNN classifier model trained using the present invention in an embodiment.

FIG4 is a schematic diagram showing a comparison of training results of a dataset constructed by the present invention and an existing public dataset in an embodiment.

5a and 5b are schematic diagrams showing changes in accuracy and recall curves of the LC-CNN classifier model and the logistic regression model of the present invention when trained separately.

6a and 6b are schematic diagrams showing changes in accuracy and recall curves of the LC-CNN classifier model and the random forest model trained separately in the embodiment.

7a and 7b are schematic diagrams showing changes in accuracy and recall curves of the LC-CNN classifier model of the present invention and the Bayesian model when trained separately in an embodiment.

8a and 8b are schematic diagrams showing changes in accuracy and recall curves of the LC-CNN classifier model and the decision tree model of the present invention when compared and trained separately in the embodiments.

DETAILED DESCRIPTION

Example

Referring to FIG. 1 , a flowchart of a SQL attack identification method based on deep learning dynamic target range feature fusion according to the present invention is shown, which specifically includes the following steps:

S1. Build a targeted server to simulate a real SQL injection attack and obtain injection attack samples.

The PHP Study tool is used to establish a simulation environment, build a local sqli-libs target range server, use the SQLMAP interface function to detect and scan the WEB application in the local target range server, use the SQLMAP automation tool to simulate the automatic execution of SQL injection attacks, and use the Wireshark packet capture tool to capture real and effective injection data to obtain injection attack samples.

S2. Decode and detect the acquired injection attack sample data packets to obtain an injection attack sentence text data set, and perform word segmentation processing on the injection attack sentences in the text data set.

The encrypted data in the acquired injection attack sample data packet is identified and decoded. The injection attack sample data is judged in turn whether it belongs to the Base64 decoding format and the Unicode decoding format, and is decoded and converted into the UTF-8 encoding format to output the injection attack statement text. The output injection attack statement text is simplified, the decimal numbers are converted into 0×12, the date and time are replaced with 1-1-1, only one rewritten keyword is retained, and the noise characters in the injection attack statement are deleted. Then, the decoded injection attack statement is segmented using the space segmentation method, and the SQL injection attack statement is divided into a string sequence, and spaces are added before and after it.

After decoding the obtained injection attack sample data packet to obtain the original request information, the obtained injection attack statement is also detected in the following manner to determine whether it is an SQL injection attack statement.

(1) Collect existing injection attack samples. Search for known SQL injection attack samples in public vulnerability reports, security forums, or known security datasets. These samples usually include SQL statements that malicious users attempt to exploit vulnerabilities or injection attacks.

(2) Constructing a dataset. The collected injection attack samples are organized into a dataset, including injection attack statements and corresponding labels, such as normal query labels or injection attack labels.

(3) Based on known SQL injection attack samples or patterns, an attack list is constructed, which includes known injection attack statement patterns. At the same time, a safe list can also be constructed, which includes normal SQL query statement patterns. Then, by comparing the injection attack sample to be detected with the statement patterns in the above list, it is determined whether there is an injection attack.

(4) The existing deep learning model can be used to train the SQL injection attack dataset, and a classification model can be established using supervised learning methods to distinguish between normal SQL queries and injection attack statements.

S3. Combine the word frequency index and the SuperTerm_Vector word vector algorithm to process the text data set after word segmentation, and convert the text data of the attack sentences injected into the data set into corresponding numerical features.

In step S3, the word frequency text frequency index is calculated by the following formula:

TF-IDF＝TF×IDF，

Where TF-IDF represents the term frequency index, TF(i) represents the frequency of word i in the text, IDF(i) represents the importance index of word i, Total(i) represents the frequency of word i in the injected attack sentence, Total represents the total number of words in the injected attack sentence, T(i) represents the frequency of sentences containing word i, and φ represents the offset.

The SuperTerm_Vector word vector algorithm represents each word in the injection attack sentence as a vector, maps the input text data to a multidimensional space, and represents each word as a length vector of the corresponding mapping, so that words in the injection attack sentence that are close in distance in the semantic space are also close in distance in the vector space.

S4, add the numerical vector features of the injection attack statements and the normal SQL query statements obtained by S3 as training data sets, input the LC-CNN model for classification model training, and set two convolutional layers in the LC-CNN model, connect the flattening layer after the convolutional layer, and then connect to the fully connected layer. The convolutional layer filter size used is 64×1, the depth is 64, and the step size is 1. There are 203392 parameters after convolution. On this basis, another convolutional layer is added to extract features. After this extraction, there are 1056 parameters. The main function of the pooling layer in the traditional neural network model is to reduce the number of parameters, but in the present invention, the parameters are not suitable for pooling after two convolutions. Therefore, the present invention cancels the pooling layer and directly performs the flattening operation to prepare for the following binary judgment. This design enables the model to better process one-dimensional text data and provides strong support for subsequent task training.

In step S4, the convolution layer uses the ReLU function as the activation function, the fully connected layer uses the Sigmoid function as the activation function, and the flattened layer uses the Tanh function as the activation function. On this basis, the LC-CNN model adds the model.compile() function to define the optimizer, loss function and evaluation index of the model. The optimizer uses the Adam optimizer, the loss function uses the binary cross entropy, and the evaluation indicators include the accuracy, F1 value and confusion matrix. During the multiple iterative training of the classification model, the optimal model parameter settings are determined by determining the iteration with the highest classification accuracy.

The training of the LC-CNN classification model also requires the collection of normal SQL query statements as training data sets. Ensure that the data sets are sufficiently representative and diverse to improve the generalization ability of the model. Perform preprocessing of steps S2 and S3 on normal SQL query statement data to convert the SQL query statements into a format suitable for neural network input. Use a data set containing normal SQL query statements and SQL injection attack statement data to train the LC-CNN model. During the training process, the model will learn how to distinguish between normal SQL query statements and malicious SQL injection attack statements.

S5. Use the LC-CNN model trained in S4 to identify the test data and determine whether there is a SQL attack.

2 , this embodiment further provides a system using the above-mentioned SQL attack identification method, including a data collection module 100 , a data cleaning module 200 , a feature extraction module 300 and an LC-CNN classifier 400 .

The data collection module 100 is used to build a target server to simulate a real SQL injection attack and obtain injection attack samples.

The data collection module 100 uses sqli-libs as a target range, builds a target server locally, effectively combines automation tools and real attack scenarios, and first uses the PHP Study tool to establish a simulation environment when building a SQL injection attack target range, aiming to simulate common vulnerabilities and weaknesses in applications in real networks, so as to conduct SQL injection attacks in a controlled environment and collect attack data. Combined with the automatic scanning and detection functions of SQLMAP, continuous SQL injection attacks are simulated to obtain diversified and authentic injection attack samples.

SQL injection attack usually inserts special characters to construct illegal SQL statements after the system form or URL query string, and propagates to the sink aggregation node via the source node as an input parameter, and then passes it to the Web application. When the target server-side executes the input illegal SQL statement, the attacker will attack the XML document vulnerability stored in the relational database, thereby realizing the malicious operation to be performed by himself. To simulate the execution process of SQL injection attack, the data acquisition module 100 of the present invention captures real and effective injection data through the Wireshark packet capture tool, and uses the SQLMAP automation tool to simulate and automatically execute SQL injection attack. Utilize the Wireshark tool to capture local network card data samples, judge whether the target website has SQL injection vulnerability according to the response information, find whether the injection statement in the http sent to the target website successfully returns the database information in the local network card data sample, and success indicates that the injection is successful, indicating that there is an injection vulnerability, strengthening the comprehensiveness and authenticity of the data, and laying a solid foundation for further analysis.

The data cleaning module 200 decodes and detects the acquired injection attack sample data packets, obtains an injection attack sentence text data set, and performs word segmentation processing on the injection attack sentences in the text data set.

The data acquisition module 100 saves the new SQL injection attack sample when it finds it, until the SQLMAP automatic scan is completed. Because the captured data packet may contain encrypted or obfuscated information, the data cleaning module 200 is required to identify and decode the encrypted data in the injection attack sample, detect the existence of SQL injection statements, and perform data cleaning work such as word segmentation. In the data cleaning process, it is necessary to decrypt or restore the modified injection statement to obtain the original SQL injection content. The data acquisition module 100 first uses the SQL dynamic target range data feature decoding algorithm to first determine whether the input injection attack text data belongs to the Base64 decoding format. If it is, it is Base64 decoded and then output. If not, it is determined whether it is in the Unicode decoding format. If it is, it is Unicode decoded. If not, 0 is returned to indicate that it cannot be decoded. The output injection attack statement text is simplified, the hexadecimal numbers in the text data are converted to 0x12, the date and time are all replaced with "1-1-1", only one over-rewritten keyword is retained, and the meaningless noise characters in the SQL statement are deleted, and then word segmentation is performed.

The accuracy of the word segmentation process and the way special characters are handled are crucial to subsequent model training and detection tasks. When considering the key role of special characters in SQL injection attack statements, in order to maintain the original form of special characters in the word segmentation process, they need to be identified as independent tags. Therefore, the data cleaning module 200 uses a space segmentation method to divide the SQL injection statement into a string sequence, and adds spaces before and after it to maintain its integrity. Through this processing step, it is helpful to capture the occurrence position and context of special characters, facilitate a better understanding of the structure and grammar of SQL injection attack statements, thereby identifying potential attack patterns, and providing clear and meaningful input data for machine learning models, thereby improving the prevention and detection capabilities of SQL injection attacks.

The feature extraction module 300 is used to process the text data set after word segmentation by combining the word frequency text frequency index and the SuperTerm_Vector word vector algorithm, and convert the text data injected into the attack sentence in the data set into corresponding numerical features.

The injection attack data is cleaned, and the next step is to convert them into the form of feature vectors, converting the injection data into numerical features that can be understood by the machine learning model to facilitate model training. The converted features include keywords in the SQL injection attack statement, the frequency of occurrence of special characters, the length of the statement, etc. After the feature extraction is completed, these feature vectors can be used to build a machine learning model to identify SQL injection attacks. The feature extraction module 300 processes the cleaned injection attack data based on the Bag-of-Words Model, combined with the word frequency text frequency index and the SuperTerm_Vector word vector algorithm, and converts the data into numerical features that can be understood by the classification model to ensure that the final structured data can be effectively used for the training of the classification model.

Specifically, the term frequency text frequency index algorithm (TF-IDF for short) is a keyword extraction algorithm, which is calculated by the following formula:

TF-IDF＝TF×IDF，

In the formula, TF-IDF represents the frequency index of the word frequency text, that is, the frequency of the word in the text and the importance of the word are multiplied to get the weight value. The larger the weight value, the more important the word is. TF(i) represents the frequency of word i in the text, which is calculated by dividing the number of times a word appears in the text by the total number of all words in the text. IDF(i) represents the importance index of word i. Because words with high frequency of appearance are not necessarily keywords, they may also be common words. Therefore, the purpose of IDF(i) is to reduce the weight of common words and increase the weight of keywords in disguise. Total(i) represents the frequency of word i in the injected attack sentence. Total represents the total number of words in the injected attack sentence. T(i) represents the frequency of sentences containing word i. Indicates the offset, which is used to prevent the log function from calculating incorrectly when the total document library is zero.

However, if the word frequency text frequency index algorithm is directly applied to the feature modeling of SQL injection attacks, on the one hand, the algorithm pays too much attention to the weight of the keyword and ignores the relationship between the location of the keyword and other words. On the other hand, the word frequency text frequency index algorithm is an algorithm generated based on the bag-of-words model. The defect of this algorithm is that the dimension of the text after vectorization will be as high as thousands, which will lead to the problem of excessive subsequent model training and inaccurate model training. Therefore, the feature extraction module 300 of the present invention also introduces the SuperTerm_Vector word vector algorithm for further dimensionality reduction and optimization to improve the accuracy and efficiency of keyword extraction.

The SuperTerm_Vector algorithm represents each word in the SQL injection attack statement as a vector, maps the input text data into a multi-dimensional space, and each word can be represented as a vector of a certain length, and makes the words that are close in the semantic space close in the vector space. The word vector converted by the SuperTerm_Vector algorithm contains both the connection between the context and the location information of the word. This solves the problem of too many dimensions in the model.

The process of obtaining the word vector of each word in the injection attack sentence by the SuperTerm_Vector algorithm is as follows:

Build a corpus and collect public text data as the corpus. It can be any form of text data, such as articles, news, blogs, Wikipedia, etc. Preprocess the text data in the corpus, including word segmentation, punctuation removal, conversion to lowercase, and stop word removal to obtain clean text data;

Build a vocabulary from the preprocessed corpus, containing all the unique words that appear in the corpus;

Construct training samples based on the vocabulary. Each training sample consists of a central word and surrounding context words. The context words can be words within a fixed window size before and after the central word.

Define the model structure, select the Skip-gram model as the center word to predict the surrounding context words, input the training samples into the defined Skip-gram model structure for training, and use the negative log-likelihood loss function to maximize the probability of predicting the context words to adjust the model parameters during the training process;

Obtain word vectors, input the text data set after word segmentation in step S2 into the trained Skip-gram model, and each word in the text data set is mapped to the word vector space. Each word is represented as a length vector of the corresponding mapping, so that words with close similarity in the semantic space in the injected attack sentence are also close in distance in the vector space.

The distance of the spatial word vector is calculated as follows:

The corpus contains all the unique words that appear. For each word _wi , we use a pre-trained word vector representation, denoted as _vi . Then the word vector of word _wi can be expressed as: _wi → _vi .

The injection attack sentence S contains n words w ₁ , w ₂ , w , ... , w _n . The sentence is represented as a word vector list S → [v ₁ , v ₂ , v ₃ , ... , v _n ] containing all words in the SuperTerm_Vector algorithm. The cosine similarity (v _μ , v _v ) of two word vectors υ _μ and v _v is calculated using the following formula:

Where · represents the dot product of the vectors, ||v _μ || and ||v _ν || represent the norms of the word vectors v _μ and v _v respectively. The similarity between different words in the injection attack sentence and the similarity between sentences are calculated based on the cosine similarity. If the similarity of two injection attack sentences in the semantic space is very high, then their distance representation in the vector space will also be very close.

For each word W in the injection attack sentence, find its corresponding space word vector V _W , multiply the cosine similarity representing the word vector distance in the vector space with its corresponding TF-IDF score to obtain the weighted word vector V′ _w for each word. The average weighted word vector of the injection attack sentence is expressed as n represents the number of words contained in the injection attack sentence, W represents the words contained in the injection attack sentence, and D represents the injection attack sentence.

Through this process, we obtain a weighted word vector representation for each injection attack statement document, where the weight of the word vector is determined by its corresponding TF-IDF score. Such a representation comprehensively considers the frequency and semantic information of the word.

Although the TF-IDF algorithm and the SuperTerm_Vector algorithm can solve the problem of keyword feature word frequency weights and too many dimensions after feature extraction and difficult training, it is difficult for traditional convolutional neural networks (CNNs) to achieve good training results when facing the grammatical structure of malicious code or complex nonlinear relationships. Therefore, the present invention is based on the convolutional neural network (CNN) to parse the complex nonlinear relationship in SQL injection attacks, automatically learn the characteristics of input data, and efficiently identify the grammatical structure or specific attack mode of malicious code in SQL injection attacks. At the same time, the convolutional neural network (CNN) model is used to quickly infer and detect the input data, and the LC-CNN classifier model of the present invention is constructed, thereby greatly improving the real-time detection efficiency and accuracy of SQL injection attacks.

The LC-CNN classifier model sets up two convolution layers, which are connected to the flattening layer and then to the fully connected layer. The classification model is trained by inputting the numerical features of the injection attack statements of the feature extraction module, and then the trained LC-CNN model is used to identify the test data to determine whether there is a SQL attack.

In the LC-CNN classifier model, two convolutional layers are first set up with a kernel size of 64×1, a depth of 64, and a stride of 1. A flatten layer is then connected, and finally a fully connected layer is connected. The number of parameters after the first round of convolution is 203,392. On this basis, another convolutional layer is added to extract more features, and the number of parameters after the second round of convolution is 1,056. Pooling layers are usually used to reduce the number of parameters, but after two convolutions, the parameters are not suitable for pooling operations, so the pooling layer is cancelled and the flattening operation is directly performed for subsequent binary classification. This design aims to enhance the model's ability to handle one-dimensional text data and provide strong support for subsequent training tasks.

The LC-CNN classifier model is constructed for binary classification tasks, that is, to determine the category of input data. The ReLU activation function is selected as the activation function of the convolutional layer due to its advantages in calculation speed, training stability, and convergence speed. In the fully connected layer, in order to output a numerical value that can be interpreted as a category probability, the Sigmoid function is selected as the activation function, and the flattened layer uses the Tanh function as the activation function. This combination of functions enables the model to complete binary classification tasks more effectively and plays an important role in improving performance and efficiency.

The Sigmoid function limits the output to the range between 0 and 1. The specific calculation is shown in the following formula:

The Tanh function compresses the output to a range between -1 and 1. The specific calculation is shown in the following formula:

The ReLU function returns all negative values in the input to zero, and leaves the positive values unchanged. The specific calculation is shown in formula (6):

On this basis, the LC-CNN classifier model adds the model.compile() function to define the model's optimizer, loss function, and evaluation indicators. The optimizer here uses the Adam optimizer, and the loss function uses the binary cross entropy. These functions will output the classification accuracy of the model on the training set and the test set during the training process, so as to monitor and evaluate the training process and effect of the model, which helps to monitor and evaluate the effect of the model. The LC-CNN classifier model training process goes through multiple iterations, and the model parameters of the iteration with the highest accuracy are selected as the parameters of this classifier.

In the present invention, accuracy and F1 value can be used to measure the overall performance of the LC-CNN classifier model, while the confusion matrix can provide detailed classification result information to help analyze the performance of the LC-CNN classifier model in different categories. Through these comparisons, it can be proved whether feature extraction and attack identification are effective in our LC-CNN classifier model, and whether the construction of this data set is successful. Therefore, the LC-CNN classifier model of the present invention uses accuracy, F1 value and confusion matrix as evaluation indicators to more accurately understand the performance of the model in the attack detection task, verify the quality of the data set, and evaluate the performance of the model.

Precision refers to the ratio of the number of positive examples correctly predicted by the LC-CNN classifier model to the number of all samples predicted as positive examples. A high precision means that the LC-CNN classifier can misclassify negative examples as positive examples less often, thus providing more reliable prediction results. However, in some unbalanced data sets, a high precision may not always be the most appropriate evaluation metric, because it may ignore the performance of the classifier on minority categories. Therefore, in different cases, the precision needs to be considered together with the recall rate, F1 value, etc. to comprehensively evaluate the performance of the classifier. The specific calculation of the precision is as follows:

True Positives (True Positives TP) indicates the number of attack samples that the LC-CNN classifier correctly predicts as positive examples, that is, the samples are positive and the prediction result is positive; False Positives (False Positives FP) indicates the number of negative attack samples that the LC-CNN classifier incorrectly predicts as positive examples, that is, the samples are negative and the prediction result is positive; True Negatives (True Negatives TN) indicates the number of attack samples that the LC-CNN classifier correctly predicts as negative examples, that is, the samples are negative and the prediction result is negative; False Negatives (False Negatives FN) indicates the number of positive attack samples that the LC-CNN classifier incorrectly predicts as negative examples, that is, the samples are positive and the prediction result is negative.

Recall refers to the ratio of the number of positive examples correctly predicted by the LC-CNN classifier to the total number of actual positive examples. It is mainly used to measure the coverage and comprehensiveness of the LC-CNN classifier in identifying positive examples. There is a trade-off between recall and precision. The range of recall is between 0 and 1. The closer to 1, the better the model performs in detecting positive examples. The specific calculation of recall is as follows:

The F1 value is an indicator used to comprehensively evaluate the performance of the LC-CNN classifier. It can more comprehensively reflect the performance of the LC-CNN classifier. It takes into account the recall rate and precision rate of the classifier at the same time, and combines the influence of misclassification and missed classification. It is used to balance the performance of the model in the classification of positive and negative examples. The range of the F1 value is between 0 and 1. The closer it is to 1, the better the model has achieved in terms of recall rate and precision rate. The specific calculation is shown in the following formula:

The confusion matrix is a tabular form used to measure the classification results of the LC-CNN classifier. The accuracy calculation of the confusion matrix P is shown as follows:

The following specific examples are used to illustrate the comparative training of the SQL attack identification method of the present invention and a conventional machine learning algorithm model.

The experimental environment CPU of the SQL attack identification system of the present invention is Intel (R) Core (TM) i7-8565U CPU @ 1.80GHz, the system used is window10 version, python3.7.3, anaconda3, jupyter6.5.2, tensorflow2.12. Among the 27,000 test data prepared for the experiment, 80% of the data are randomly used as training data and 20% as test data.

In the training results of the LC-CNN classifier model of the present invention, conv1D is a one-dimensional convolution layer, each layer has 32 filters and a sliding window with a step size of 1. This layer has 203392 trainable parameters, and there are 1056 parameters after the second convolution. Then the flatten layer flattens the output into a one-dimensional vector so that it can be input into the fully connected layer. Binary classification is performed in the fully connected layer, and a total of eight iterations are performed. The training loss value is 5.60%, the accuracy rate is 98.16%, and the validation set loss value is 9%. This indicator is used to evaluate the generalization ability of the model, that is, the performance of the model on unseen data. The validation set accuracy is 97%, indicating a similar validation loss set.

The confusion matrix is constructed using the test data and the LC-CNN classifier model prediction data. The results are shown in Figure 3. After comparison, it is found that when the sample value is positive, the prediction value is also positive, and when the sample value is negative, the prediction value is also negative. This shows that the model predicts the data accurately and the model setting parameters are in line with expectations.

Further, this embodiment selects the public data set on GitHub (https://github.com/sql-injection/test-dataset) and the SQL injection data set of kaggle (https://www.kaggle.com/datasets/kholoodsalah/sql-injection-dataset) to conduct a comparative experiment with the data set of the LC-CNN classifier to explore the differences in model performance between different data sets. By preprocessing these two public data sets, the GitHub data set is 4521 dimensions, and the kaggle data set has 6674 dimensions. The training results of different data sets are compared as shown in Figure 4. The data set model constructed by the present invention is not much different from the Kaggle data set in performance, while the GitHub data set is slightly better than the other two data sets, mainly because the amount of data is small, making the model easier to learn and produce better results. Comprehensive consideration, the training effect of the LC-CNN classifier model shows satisfactory performance in the comparative test with the public data set, indicating that it may play an important role in the actual SQL detection task.

Then, the data set constructed by the present invention is used for comparative training with other existing machine learning models. The existing machine learning models selected for comparison in this embodiment include logistic regression model, random forest model, Bayesian model, and decision tree model.

The accuracy results of the model comparison training are shown in Table 1 below.

Iterations Logistic Regression Random Forest Bayesian Decision Tree LC-CNN 1 0.90591631 0.86176046 0.8745465 0.80880231 0.9299 2 0.90649351 0.88946609 0.87281497 0.81168831 0.9762 3 0.90822511 0.90305828 0.87418065 0.81240981 0.9795 4 0.92929293 0.90591631 0.87401575 0.81782107 0.9803 5 0.9304674 0.91370851 0.87335614 0.81926407 0.9815 6 0.9304674 0.92323232 0.87405697 0.82077173 0.9812 7 0.96017316 0.93795094 0.87269654 0.82575758 0.9816 8 0.94141414 0.92844778 0.8734386 0.82431457 0.9816

Table 1. Accuracy results compared with training table

It can be seen from the table that the highest accuracy is that of the LC-CNN classifier model, and the lowest is that of the decision tree model.

The recall rate results of the model comparison training are shown in Table 2 below.

Table 2. Recall results compared to training table

It can be seen that the recall rates of the LC-CNN classifier model and the Bayesian model are very stable, while the recall rate of the decision tree model is very unstable.

The LC-CNN classifier model of the present invention and the logistic regression model are trained separately. As shown in FIG5a, the accuracy of the LC-CNN classifier model is increased to about 98% after the second iteration, which is much higher than the logistic regression model. The highest accuracy of the logistic regression cross-validation is only 96%, and the average accuracy is 92.7%. Although the gap is obvious, the accuracy of the logistic regression algorithm ranks second among all the algorithms in the control group, and the LC-CNN classifier model is higher than its accuracy. It can be seen that the training result of the LC-CNN classifier model of the present invention is very excellent. As shown in FIG5b, in terms of recall rate, the recall rate of the LC-CNN classifier model of the present invention is rapidly raised to more than 94% after the second iteration, indicating that the coverage rate of the LC-CNN classifier for positive samples has reached an excellent training level. The logistic regression cross-validation recall rate performs poorly, most of which are around 80%, and the lowest is 75.4%, with the lowest average recall rate, which is equivalent to one-fifth of the SQL injection statements not being detected. Therefore, in terms of comprehensive accuracy and recall rate, the LC-CNN classifier model has better performance.

The LC-CNN classifier model of the present invention and the random forest model are trained separately. As shown in Figure 6a, the advantage of the LC-CNN classifier model is more obvious. The highest accuracy of the random forest model is only about 1% higher than the first iteration of the LC-CNN classifier model. The random forest model algorithm has a very good processing ability for classification problems, but in the face of the large data of this experiment, too many features cause the performance to decline, and the average accuracy is 90.8%. In contrast, the LC-CNN classifier model has a better accuracy. As shown in Figure 6b, in terms of recall rate, the recall rate of the random forest model fluctuates too much. The reason should be that the leaf nodes are relatively small for the number of features. Adding nodes will deepen the tree height and double the training time. In this case, the average recall rate of the random forest model is 84.2%, which is only higher than the logistic regression model. In terms of comprehensive accuracy and recall rate, the LC-CNN classifier model of the present invention has better performance.

The LC-CNN classifier model of the present invention and the Bayesian model are trained separately. As shown in Figure 7a, the accuracy of the Bayesian model is stable at 87.4%, indicating that the model has a good performance on a given data set and has good generalization ability for untrained data, which means that the model can maintain a high performance level on different sample sets without excessive errors or instability. However, the recognition rate is only slightly higher than that of the decision tree model in these five algorithms, and is significantly lower than the LC-CNN classifier model of the present invention. As shown in Figure 7b, the Bayesian algorithm uses all features and makes full use of the independence assumptions between the features. It can comprehensively classify SQL injection attack samples, thereby performing well in recall rate. The only disadvantage is that the accuracy is not high. In terms of comprehensive accuracy and recall rate, the LC-CNN classifier model of the present invention has better performance.

The LC-CNN classifier model of the present invention and the decision tree model are trained separately. According to Table 1 and Figure 8a, the decision tree model has the lowest accuracy among all the model comparison trainings, with an average accuracy of only 81.8%, because random forest is an algorithm based on ensemble learning, which combines multiple decision trees, thereby reducing the overfitting risk of a single decision tree, which means that the decision tree algorithm may not be well generalized to new data, resulting in poor performance on the test data. Referring to Figure 8b, the recall rate of most decision tree models is not low, only the seventh recall rate is too poor, only 66%. In terms of comprehensive accuracy and recall rate, the LC-CNN classifier model of the present invention performs better in terms of stability.

By comprehensively comparing the training of the LC-CNN classifier model of the present invention with four comparative machine learning models, it can be seen that only the accuracy is slightly lower than that of the Bayesian model. This is mainly because the Bayesian model has a certain robustness to the problem of data category imbalance, while the LC-CNN classifier model of the present invention is more sensitive to imbalanced data. In other aspects, the training effect of the LC-CNN classifier model of the present invention is better than that of the comparative machine learning models.

In this document, the directions or positional relationships indicated by terms such as "up", "down", "front", "back", "left", "right", "top", "bottom", "inside", "outside", "vertical", and "horizontal" are based on the directions or positional relationships shown in the accompanying drawings and are only for the clarity of expressing the technical solutions and the convenience of description, and therefore should not be understood as limitations of the present invention.

In this document, the terms "comprises," "comprising," or any other variations thereof, are intended to cover a non-exclusive inclusion of elements other than those listed and may also include additional elements not expressly listed.

The above are only specific embodiments of the present invention, but the protection scope of the present invention is not limited thereto. Any person skilled in the art can easily think of changes or substitutions within the technical scope disclosed by the present invention, which should be included in the protection scope of the present invention. Therefore, the protection scope of the present invention should be based on the protection scope of the claims.

Claims (10)

1. A SQL attack identification method based on deep learning dynamic target range feature fusion, characterized by comprising the following steps: S1. Build a targeted server to simulate a real SQL injection attack and obtain injection attack samples; S2, decoding and detecting the acquired injection attack sample data packets, obtaining the injection attack sentence text data set, and performing word segmentation processing on the injection attack sentences in the text data set; S3. Combine the word frequency index and the SuperTerm_Vector word vector algorithm to process the text data set after word segmentation, and convert the text data injected into the attack sentence in the text data set into the corresponding numerical vector features; S4, combining the numerical vector features of the injection attack statements obtained by S3 and the numerical vector features of the normal SQL query statements as a training data set, and inputting them into the LC-CNN model for classification model training, wherein the LC-CNN model is provided with two convolutional layers, the convolutional layers are connected to a flattening layer, and then to a fully connected layer; S5. Use the LC-CNN model trained in S4 to identify the test data and determine whether there is a SQL attack. 2. The SQL attack identification method according to claim 1 is characterized in that: in the step S1, a simulation environment is established using the PHPStudy tool, a local sqli-libs range server is built, a SQLMAP interface function is used to detect and scan the WEB application in the local range server, the SQLMAP automation tool is used to simulate and automatically execute SQL injection attacks, and the real and effective injection data is captured by the Wireshark packet capture tool to obtain injection attack samples. 3. The SQL attack identification method according to claim 1 is characterized in that: in the step S2, the encrypted data in the injection attack sample data packet obtained by S1 is identified and decoded, and the injection attack sample data is judged in turn whether it belongs to the Base64 decoding format and the Unicode decoding format, and is decoded and converted into the UTF-8 encoding format to output the injection attack statement text, and the output injection attack statement text is simplified, the decimal numbers therein are converted into 0×12, the date and time are replaced with 1-1-1, only one rewritten keyword is retained, and the noise characters in the injection attack statement are deleted. 4. The SQL attack identification method according to claim 3 is characterized in that: step S2 uses a space segmentation method to segment the decoded injection attack statement, divides the SQL injection attack statement into a string sequence, and adds spaces before and after the string sequence. 5. The SQL attack identification method according to claim 1, characterized in that: in the step S3, the word frequency text frequency index is calculated by the following formula: TF-IDF＝TF×IDF， Where TF-IDF represents the term frequency index, TF(i) represents the frequency of word i in the text, IDF(i) represents the importance index of word i, Total(i) represents the frequency of word i in the injected attack sentence, Total represents the total number of words in the injected attack sentence, T(i) represents the frequency of the sentence containing word i, and φ represents the offset. 6. The SQL attack identification method according to claim 5 is characterized in that: the SuperTerm_Vector word vector algorithm represents each word in the injected attack sentence as a vector and maps the input text data into a multidimensional space, including the following process: Build a corpus, collect public text data as the corpus, and preprocess the text data in the corpus, including word segmentation, punctuation removal, conversion to lowercase, and stop word removal to obtain clean text data; Build a vocabulary from the preprocessed corpus, containing all the unique words that appear in the corpus; Construct training samples based on the vocabulary. Each training sample consists of a central word and its surrounding context words. Define the model structure, select the Skip-gram model to predict the surrounding context words through the central word, input the training samples into the defined Skip-gram model structure for training, and use the negative log-likelihood loss function to maximize the probability of predicting the context words to adjust the model parameters during the training process; Obtain word vectors. Input the text dataset after word segmentation in step S2 into the trained Skip-gram model. Each word in the text dataset is mapped to the word vector space. Each word is represented as a length vector of the corresponding mapping. According to the principle that words with close similarity in the semantic space in the injection attack sentence are also close in distance in the vector space, the distance of the spatial word vectors is calculated in the following way: The injection attack sentence contains n words w ₁ , w ₂ , w, ..., w _n . The word vector list of all words in the attack sentence in the SuperTerm_Vector algorithm is represented as υ ₁ , υ ₂ , υ ₃ , ..., υ _n . The cosine similarity (υ _μ , υ _v ) of two word vectors υ _μ and υ _v is calculated using the following formula: Where represents the dot product of the vectors, ||υ _μ || and |υ _v || represent the norms of the word vectors υ _μ and υ _v , respectively. The similarity between different words in the injected attack sentence is calculated based on the cosine similarity, and the distance between different words in the word vector space is obtained accordingly. 7. The SQL attack identification method according to claim 6 is characterized in that: for each word in the injection attack sentence, the corresponding spatial word vector is multiplied by TF-IDF to obtain the weighted word vector V′ _W of each word, and the average weighted word vector of the injection attack sentence is expressed as n represents the number of words contained in the injection attack sentence, W represents the words contained in the injection attack sentence, and D represents the injection attack sentence. The average weighted word vector of the injection attack sentence is used as the numerical vector feature to train the LC-CNN model for classification. 8. The SQL attack identification method according to claim 1 is characterized in that: in the step S4, the convolution layer uses the ReLU function as the activation function, the fully connected layer uses the Sigmoid function as the activation function, and the flattened layer uses the Tanh function as the activation function. 9. The SQL attack identification method according to claim 7 is characterized in that: the LC-CNN model adds a model.compile() function to define the optimizer, loss function and evaluation index of the model, the optimizer adopts the Adam optimizer, the loss function uses binary cross entropy, the evaluation index includes accuracy, F1 value and confusion matrix, and the optimal model parameter setting is determined by determining the iteration with the highest classification accuracy during multiple iterative training of the classification model. 10. A SQL attack identification system based on deep learning dynamic target range feature fusion, characterized by comprising: Data collection module, builds a target server to simulate real SQL injection attacks and obtain injection attack samples; The data cleaning module decodes and detects the acquired injection attack sample data packets, obtains the injection attack sentence text data set, and performs word segmentation processing on the injection attack sentences in the text data set; The feature extraction module combines the word frequency index and the SuperTerm_Vector word vector algorithm to process the text data set after word segmentation, and converts the text data injected into the attack sentence in the text data set into corresponding numerical features; The LC-CNN classifier has a built-in LC-CNN model. The LC-CNN model has two convolutional layers, which are connected to a flattening layer and then to a fully connected layer. The classification model is trained by inputting a training data set composed of the numerical features of the injection attack statements of the feature extraction module and the numerical vector features of the normal SQL query statements. The trained LC-CNN model is then used to identify the test data to determine whether there is an SQL attack.