
Graduate student: 陳信忠 (Hsin-Chung Chen)
Thesis title: 多階層即時保護WEB應用程式防止SQLIV攻擊 / Multi-Layer Real-time Protection Applications Against SQLIV Attacks
Advisor: 洪西進 (Shi-Jinn Horng)
Committee members: 王獻, 郭奕宏, 林韋宏, 林琮烈, 顏成安
Degree: Master
Department: College of Electrical Engineering and Computer Science, Department of Computer Science and Information Engineering
Year of publication: 2010
Academic year of graduation: 98 (ROC calendar)
Language: Chinese
Number of pages: 53
Chinese keywords: SQL Injection, SQLIV, firewall, intrusion detection system, OWASP
Foreign-language keywords: SQLIV, OWASP
Usage statistics: views 168, downloads 4
With the rapid development of the Internet, web application interfaces have become the communication medium between people and machines. Good design increases efficiency and convenience, but design flaws can also make an application the target of malicious attacks. To defend against network attacks, the three-tier distributed architecture is currently the most widely used architecture for web applications, with a firewall protecting the internal database and application systems. Websites commonly adopt login authentication mechanisms to restrict users' access rights. Although this approach effectively blocks access by malicious users, if security checks are neglected or the design is flawed, attackers can use SQL injection vulnerability (SQLIV) attack techniques to exploit the legitimate channel of the web interface for unauthorized data access or even attacks that damage the system.
According to the Open Web Application Security Project (OWASP) Top 10 web security risks report, the Injection Flaw category rose from Top 2 in 2007 to Top 1 in 2009, showing that SQL Injection vulnerabilities remain widespread in web pages and have not been effectively prevented.
The goal of this research, under the design principle of reducing the burden on program development without scanning program code or adding complex SQL Injection checking code, is to use application-layer HTTP Request data and database SQL command information to analyze SQLIV attacks on web application systems in real time, and to build SQL Statement and HTTP Request metadata together with checking rules. These form two lines of defense, HTTP Request message checking and back-end SQL Statement legitimacy checking, which effectively detect and block SQL Injection attack events.


With the rapid development of the Internet, websites have become the medium of human-machine communication; if the system design is weak, it may become the target of malicious attacks. Generally, systems are built on a three-tier application architecture and use a firewall to protect internal application systems, and websites adopt login and authorization mechanisms to restrict users' access rights. Although this method can effectively prevent hostile users from accessing data, if security checks are neglected or the program is poorly designed, hackers may use SQL injection vulnerability (SQLIV) attack techniques to access internal data or destroy the system.
According to the Top 10 Most Critical Web Application Security Risks report of the Open Web Application Security Project (OWASP), the Injection risk rose from Top 2 in 2007 to Top 1 in 2009; SQL Injection vulnerabilities still appear in websites and are not effectively guarded against.
The goal of this research is to reduce the need to modify programs, scan program code, or add complicated SQL Injection checking code to the program. It proposes using the HTTP Request information and database SQL command information of the web application system to analyze SQLIV attacks in real time, and building SQL Statement and HTTP Request metadata checking rules to defend against SQLIV attacks effectively.
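One way to realise the two lines of defense the abstract describes, as an added illustration and not the thesis's own code: the HTTP-layer check validates each request parameter against a rule registered for that request, and the back-end check reduces every SQL statement to a structural skeleton (literals replaced by placeholders), hashes it, and accepts it only if the hash was registered for the same request during a known-good learning run. The `SqlivGuard` class, the parameter rules, the `(method, path)` request key, the sample login statement and the inputs are all assumptions made for this example.

```python
import hashlib
import re
from typing import Dict, List, Set, Tuple

# A request is identified by (HTTP method, path); this key and every name
# below are assumptions for this illustration, not taken from the thesis.
RequestKey = Tuple[str, str]

# Matches the literals an application fills in at run time: single-quoted
# strings (with the SQL '' escape) and bare numbers. Everything else is
# treated as statement structure.
_LITERAL_RE = re.compile(
    r"""
    '(?:[^']|'')*'          # single-quoted string literal
    | \b\d+(?:\.\d+)?\b     # integer or decimal literal
    """,
    re.VERBOSE,
)
_WS_RE = re.compile(r"\s+")


def sql_skeleton(sql: str) -> str:
    """Reduce a statement to its structure: literals become '?', whitespace
    and case are normalised, so every legitimate instance of a query looks
    the same while a structurally altered statement does not."""
    skeleton = _LITERAL_RE.sub("?", sql)
    return _WS_RE.sub(" ", skeleton).strip().upper()


def fingerprint(sql: str) -> str:
    """Hash of the skeleton; the registry stores hashes rather than raw SQL."""
    return hashlib.sha1(sql_skeleton(sql).encode("utf-8")).hexdigest()


class SqlivGuard:
    """Line one: per-request HTTP parameter rules. Line two: the set of
    statement skeletons the request is allowed to send to the database."""

    def __init__(self) -> None:
        self.param_rules: Dict[RequestKey, Dict[str, re.Pattern]] = {}
        self.allowed: Dict[RequestKey, Set[str]] = {}

    def register(self, key: RequestKey, param_rules: Dict[str, str],
                 sample_statements: List[str]) -> None:
        """Learning phase: record the parameter rules and the skeletons of
        the statements a known-good run of this request produces."""
        self.param_rules[key] = {n: re.compile(p) for n, p in param_rules.items()}
        self.allowed[key] = {fingerprint(s) for s in sample_statements}

    def check_request(self, key: RequestKey,
                      params: Dict[str, str]) -> Tuple[bool, str]:
        rules = self.param_rules.get(key)
        if rules is None:
            return False, "request not registered"
        for name, value in params.items():
            rule = rules.get(name)
            if rule is None:
                return False, f"unexpected parameter '{name}'"
            if rule.fullmatch(value) is None:
                return False, f"parameter '{name}' violates its rule"
        return True, "ok"

    def check_statement(self, key: RequestKey, sql: str) -> Tuple[bool, str]:
        if fingerprint(sql) in self.allowed.get(key, set()):
            return True, "ok"
        return False, "statement structure not registered for this request"


LOGIN: RequestKey = ("POST", "/login")


def build_login_sql(user: str, pw: str) -> str:
    # Constructed, deliberately concatenating statement builder so the guard
    # has something to watch; a real application should bind parameters.
    return f"SELECT * FROM users WHERE name = '{user}' AND pw = '{pw}'"


def make_guard() -> SqlivGuard:
    guard = SqlivGuard()
    guard.register(
        LOGIN,
        {"user": r"[A-Za-z0-9_]{1,32}", "pw": r"[A-Za-z0-9_!@#$%^&*.-]{1,64}"},
        [build_login_sql("alice", "secret")],  # constructed known-good sample
    )
    return guard


def run_demo() -> Dict[str, bool]:
    guard = make_guard()
    good = {"user": "alice", "pw": "secret"}
    # Constructed input that closes the quoted literal and adds a condition,
    # which changes the statement's skeleton.
    bad = {"user": "' OR 'a'='a", "pw": "x"}
    return {
        "good_request": guard.check_request(LOGIN, good)[0],
        "bad_request": guard.check_request(LOGIN, bad)[0],
        "good_statement": guard.check_statement(LOGIN, build_login_sql(**good))[0],
        "bad_statement": guard.check_statement(LOGIN, build_login_sql(**bad))[0],
    }


if __name__ == "__main__":
    for name, passed in run_demo().items():
        print(f"{name}: {'allowed' if passed else 'blocked'}")
```

The skeleton registry only flags statements whose structure differs from what was learned; input that stays inside one literal (a wrong value rather than a broken quote) leaves the skeleton unchanged, which is why the HTTP-layer parameter rules remain the first line and why the learning run must cover every statement a request legitimately issues.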

Table of contents
Chinese abstract ........ I
English abstract ........ II
Acknowledgements ........ III
Table of contents ........ IV
List of figures ........ VI
List of tables ........ VII
Chapter 1 Introduction ........ 1
1.1 Research motivation ........ 1
1.2 Research objectives ........ 5
1.3 Thesis organization ........ 8
Chapter 2 Related work ........ 9
2.1 Top 10 web application security risks ........ 9
2.2 SQL Injection ........ 13
2.3 Hash functions ........ 23
Chapter 3 System architecture and method ........ 26
3.1 System architecture ........ 26
3.2 SQL Injection defense method ........ 33
Chapter 4 Experiments and results ........ 40
4.1 Experimental environment ........ 40
4.2 Test data ........ 41
4.3 Experimental results ........ 43
Chapter 5 Conclusions and future work ........ 47
5.1 Conclusions ........ 47
5.2 Future work ........ 48
References ........ 49

