The present invention relates to systems and methods for preventing malicious attacks on relational database management systems (RDBMS). In particular, the present systems and methods include novel means for determining the likelihood of a structured query language (SQL) injection attack and other security risks.
With the proliferation of online activity, there has been an equally robust increase in the numbers of attacks. These attacks enable malicious parties to gain personal (and potentially sensitive) information on individuals, redirect users to malicious websites, track their browsing, and otherwise take advantage of users, often without them being aware of the attack.
One common vector of attacks is SQL injection. SQL injection is designed to tamper or steal sensitive information from data-driven web applications. This is accomplished by providing fragments of a SQL query into an input variable, supplied by a web application user. When the input is evaluated by the application, the tainted SQL query is executed, allowing attackers to CRUD (create, read, update, delete) information from a database.
There are limited methods currently employed to avert SQL injection attacks. Rarely are there requirements placed on SQL entries that attempt to redress SQL injection attacks. More often blacklists, in the form of string replacements and regular expressions, are employed to restrict known threats from accessing the databases. However, generally, there is insufficient means for accurately assessing the risk of a SQL query and especially, an input variable that may contain a SQL query.
It is therefore apparent that an urgent need exists for improved systems and methods for analyzing SQL queries in order to identify potential injection attacks. Such systems and methods enable the generation of reports on the SQL query which may be employed for attack prevention.