Randomized SQL Statement Detection Based on SQL Parser

Randomized SQL Statement Detection Based on SQL Parser

연구 분야: Databases

학회: 2025 10th International Conference on Computer and Communication System (ICCCS)

SQL injection attack (SQLIA) is one of the major security threats faced by Web applications. The SQL randomization method based on instruction set randomization can be used to detect and defend against SQL injection attacks. This paper analyzes the security issues present in traditional SQL randomization methods when detecting SQL injection attacks and proposes a randomized SQL statement detection method based on SQL parser. Experimental results demonstrate that this method effectively defends against SQL injection attacks, with the optimal implementation achieving a performance loss of only 5.73 %.