SQL Injection 攻擊偵測:使用資訊安全日誌管理系統平台的實踐方法
No Thumbnail Available
Date
2023
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
本論文旨在探討如何利用Wazuh安全監控平台和有限狀態機方法來檢測和預防SQL注入攻擊。首先,我們介紹了SQL注入攻擊的威脅性和常見形式,並分析了目前現有方法在應對這一問題上的局限性。接著,我們詳細介紹了Wazuh平台和有限狀態機方法的原理和應用。通過結合日誌檔的收集和分析,我們提出了一套基於規則的檢測和預警機制,以提前發現和處理SQL注入攻擊。在實驗中,我們利用不同類型的SQL注入攻擊案例來驗證我們的方法的有效性。
This thesis aims to explore how to detect and prevent SQL injection attacks using the Wazuh security monitoring platform and Finite State Machine (FSM) method. Firstly, we introduce the threats and common forms of SQL injection attacks, and analyze the limitations of existing methods in addressing this issue. Next, we provide a detailed overview of the principles and application of the Wazuh platform and the Finite State Machine method. By combining log collection and analysis, we propose a rule-based detection and alerting mechanism to proactively detect and handle SQL injection attacks. In our experiments, we validate the effectiveness of our approach using various types of SQL injection attack scenarios.
This thesis aims to explore how to detect and prevent SQL injection attacks using the Wazuh security monitoring platform and Finite State Machine (FSM) method. Firstly, we introduce the threats and common forms of SQL injection attacks, and analyze the limitations of existing methods in addressing this issue. Next, we provide a detailed overview of the principles and application of the Wazuh platform and the Finite State Machine method. By combining log collection and analysis, we propose a rule-based detection and alerting mechanism to proactively detect and handle SQL injection attacks. In our experiments, we validate the effectiveness of our approach using various types of SQL injection attack scenarios.
Description
Keywords
SQL注入攻擊, Wazuh安全監控平台, 有限狀態機, 日誌檔分析, 攻擊檢測, 預警機制, SQL injection attacks, Wazuh security monitoring platform, Finite State Machine, Log analysis, Attack detection, Alerting mechanism