SQL Anomaly Detection
This security detection checks SQL statements for any risky features and logs any detected risks.
- Detection of risky SQL commands based on static rules: This SDK defines blocklist rules based on the database SQL syntax structure, Data Control Language (DCL), Data Definition Language (DDL), Data Manipulation Language (DML), and openGauss command syntax. This detection operation identifies risky commands by using regular expressions based on the SQL syntax and blocklist rules, and intercepts these commands during operation.
- Semantic-based malicious SQL detection: SQL lexical analysis is a process in compiler technology that decomposes SQL code into basic tokens. The lexical analyzer reads the input SQL code and decomposes it into tokens, such as keywords, identifiers, operators, and constants. These tokens are the basis of syntax analysis.
Structures in dbsd_type.h
Domain Type |
Domain Name |
Description |
|---|---|---|
unsigned int |
userId |
User ID |
unsigned int |
sqlStatementLen |
SQL statement length |
char * |
sqlStatement |
SQL statement to be checked |
char * |
userAddress |
User IP address |
Domain Type |
Domain Name |
Description |
|---|---|---|
MemAlloc |
memAlloc |
Memory allocation |
MemFree |
memFree |
Memory release |
Parent topic: Developer Guide