Overview
Introduction
Retrieval-Augmented Generation (RAG) is a technical framework that combines external knowledge retrieval with large language models (LLMs). It retrieves relevant content from an external knowledge base and supplies it to the model at generation time, which mitigates outdated knowledge, hallucinations, and the exposure of private data in LLMs.
RAG is widely used in intelligent question answering, text generation, and information retrieval, but it also faces security issues such as data leakage, data tampering, and system damage.
Because the knowledge base is backed by a database, the RAG appliance must be able to detect emerging SQL injection attempts and high-risk database commands. This capability is provided by the appliance's SecDetectionSDK.
This document describes how to integrate and adapt SecDetectionSDK to the openGauss platform. It is intended for openGauss ecosystem partners and SecDetectionSDK developers.
Related Concepts
SecDetectionSDK is a dynamic library that exposes external interfaces for ecosystem partners to load and call.
Threat model
- SQL injection: Attackers enter or inject malicious SQL fragments through application input so that the resulting query bypasses the application's security checks and lets them interact with the database directly. In this way they can read sensitive information, tamper with data, or perform other malicious operations.
Example: SELECT * FROM users WHERE username = 'admin' OR '1'='1'; (the tautology '1'='1' makes the WHERE clause true for every row)
- Access to tables without permissions: Attackers attempt to query, insert, update, or delete rows in system tables that the application has no permission to touch.
Example: select username, password, status from info.admin where id=1 union select 1, table_name from information_schema.tables where table_name = 'users'-- (the UNION branch reads table names from the information_schema catalog, and the trailing -- comments out the rest of the original query)
- High-risk SQL: Statements containing operations that can damage the database structure or data, for example dropping or truncating tables.
- Illegal SQL: The input is blank or does not conform to SQL syntax.
Example: from info.users where user_id in (user_id from info.all_users where user_id=1) (both the outer statement and the subquery lack a SELECT clause)
- Vector attack: A variant of SQL injection that uses vector-type operations and comparisons to build an always-true condition and bypass the application's security mechanism.
Example: SELECT * FROM tblvector where '[1,2,3]'::vector = '[1,2,3]' (comparing a vector literal with itself is always true, in the same way as '1'='1')
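As an added illustration, which is not part of the original document and is not SecDetectionSDK's own detection logic, the following Python snippet runs simple rule-based checks that mirror the five threat categories above over the example statements listed there. The statement keyword list, the inclusion of pg_catalog as a system schema, the high-risk keyword list, and the constructed DROP TABLE and benign control queries are assumptions of this example, not facts from the page.

```python
import re

# Constructed sample statements for this illustration. Five are the examples
# from the threat model above; the high-risk and benign ones are constructed
# here because the text gives no example for those cases.
SAMPLES = {
    "sql_injection": "SELECT * FROM users WHERE username = 'admin' OR '1'='1';",
    "unauthorized_table_access": (
        "select username, password, status from info.admin where id=1 "
        "union select 1, table_name from information_schema.tables "
        "where table_name = 'users'--"
    ),
    "high_risk_sql": "DROP TABLE info.users;",          # constructed sample
    "illegal_sql": "from info.users where user_id in "
                   "(user_id from info.all_users where user_id=1)",
    "vector_attack": "SELECT * FROM tblvector where '[1,2,3]'::vector = '[1,2,3]'",
    "benign": "SELECT id, status FROM info.users WHERE id = 42;",  # constructed
}

# Keywords a syntactically legal statement may begin with (assumed list).
STATEMENT_START = re.compile(
    r"^\s*(select|insert|update|delete|with|create|drop|alter|truncate|grant|revoke)\b",
    re.I,
)
# Catalog schemas an application user should not read (assumed list;
# openGauss inherits both from PostgreSQL).
SYSTEM_SCHEMAS = re.compile(r"\b(information_schema|pg_catalog)\s*\.", re.I)
# Statements that change structure or privileges (assumed list).
HIGH_RISK = re.compile(r"\b(drop|truncate|alter|grant|revoke)\b", re.I)
# DELETE or UPDATE with no WHERE clause anywhere in the statement.
UNCONDITIONAL_DML = re.compile(r"^\s*(delete|update)\b(?!.*\bwhere\b)", re.I | re.S)
# literal [::cast] = literal, e.g. '1'='1' or '[1,2,3]'::vector = '[1,2,3]'.
LITERAL = r"('[^']*'|\b\d+\b)"
COMPARISON = re.compile(LITERAL + r"(?:::\w+)?\s*=\s*" + LITERAL)
# Vector cast or vector distance operators (assumed operator set).
VECTOR_SYNTAX = re.compile(r"::vector\b|<->|<#>|<=>")
# UNION branch followed by a comment that swallows the rest of the query.
UNION_COMMENT = re.compile(r"\bunion\b.*(--|/\*)\s*$", re.I | re.S)


def has_tautology(sql):
    """True if any literal is compared for equality with an identical literal."""
    return any(a.strip("'") == b.strip("'") for a, b in COMPARISON.findall(sql))


def classify(sql):
    """Return the list of threat categories the statement matches ([] = benign)."""
    if not sql.strip() or not STATEMENT_START.match(sql):
        return ["illegal_sql"]  # malformed input is rejected before any other check
    findings = []
    if VECTOR_SYNTAX.search(sql) and has_tautology(sql):
        findings.append("vector_attack")
    elif has_tautology(sql) or UNION_COMMENT.search(sql):
        findings.append("sql_injection")
    if SYSTEM_SCHEMAS.search(sql):
        findings.append("unauthorized_table_access")
    if HIGH_RISK.search(sql) or UNCONDITIONAL_DML.match(sql):
        findings.append("high_risk_sql")
    return findings


def scan_all():
    """Classify every sample; the key names the category the sample was built for."""
    return {name: classify(sql) for name, sql in SAMPLES.items()}


if __name__ == "__main__":
    for name, findings in scan_all().items():
        print(f"{name:28s} -> {findings or ['benign']}")
```

Note that the UNION example is reported under two categories: the comment-terminated UNION is an injection signature in its own right, and the reference to information_schema is what makes it unauthorized catalog access. Checking the vector branch before the generic tautology check matters because a detector that only looks for 'x'='x' would still catch the cast form here, but a detector that strips casts first or tokenizes vector literals differently would not; the SDK's real rules are not shown on this page.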