基于特征融合的 SQL 注入多分类检测-学报杂志社

期刊信息

合肥工业大学（自然科学版），2026年2月，第49卷第2期：167-172，193

DOI: 10.3969/j.issn.1003-5060.2026.02.004

作者信息

姜珍珍 $ ^{1} $，杨彬彬 $ ^{2} $，薛峰 $ ^{3} $

（1. 合肥工业大学计算机与信息学院，安徽合肥 230601；2. 安徽三实软件科技有限公司，安徽合肥 230601；3. 合肥工业大学软件学院，安徽合肥 230601）

摘要和关键词

摘要: SQL 注入攻击是一种常见的网络安全威胁,因此检测 SQL 注入成为网络安全领域的一项重要研究内容。传统 SQL 注入检测方法存在准确性低、无法确定 SQL 注入攻击的具体类型等问题,文章提出一种基于特征融合的 SQL 注入攻击多分类检测方法(feature fusion-based multi-class SQL injection detection, FMC-SID)。实验结果表明,该方法不仅达到了 99.99% 的准确率,而且能够确定 SQL 注入攻击的具体类型,为安全人员提供更加具体的 SQL 注入攻击的描述信息和意图,以制定更有针对性的应对措施,提高网络安全的防护能力。

关键词: SQL 注入检测；网络安全；多分类；特征融合；深度学习；SQL 标准化

Authors

JIANG Zhenzhen $ ^{1} $, YANG Binbin $ ^{2} $, XUE Feng $ ^{3} $

(1. School of Computer Science and Information Engineering, Hefei University of Technology, Hefei 230601, China; 2. Anhui Sanshi Software Technology Co., Ltd., Hefei 230601, China; 3. School of Software, Hefei University of Technology, Hefei 230601, China)

Abstract and Keywords

Abstract: Structured query language (SQL) injection attack is a common network security threat, so detecting SQL injection has become an important research topic in the field of network security. Traditional SQL injection detection methods have problems such as low accuracy and inability to determine the specific type of SQL injection attack. Therefore, this paper proposes a feature fusion-based multi-class SQL injection detection (FMC-SID) method. The experimental results show that this method not only achieves an accuracy of 99.99%, but also identifies the specific type of SQL injection attack, which can provide security personnel with more specific description and intention of SQL injection attack, enabling them to develop more targeted countermeasures and improve network security protection capabilities.

Keywords: structured query language(SQL) injection detection; network security; multi-class classification; feature fusion; deep learning; SQL normalization

基金信息

国家自然科学基金资助项目（62272143）

合肥工业大学学报(自然科学版)

导航菜单

基于特征融合的 SQL 注入多分类检测