US 12,292,973 B2
Query generalization for prevention of injection attacks
Kostyantyn Vorobyov, Brisbane (AU); and Padmanabhan Krishnan, Brisbane (AU)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on Feb. 22, 2022, as Appl. No. 17/677,675.
Prior Publication US 2023/0267203 A1, Aug. 24, 2023
Int. Cl. G06F 21/00 (2013.01); G06F 21/56 (2013.01)
CPC G06F 21/566 (2013.01) [G06F 2221/034 (2013.01)]
20 Claims
1. A method for detecting a security vulnerability of a target query to a database, the method comprising:
obtaining a set of training queries, each training query comprising a predicate and one or more accessed columns returned from evaluating the predicate;
transforming the set of training queries into a structure, the structure relating, for an accessed column and a training query, the predicate and a correlation value to the accessed column;
normalizing the structure into a normalized structure, the normalized structure grouping entries in the structure according to accessed column;
generating a generalized query from the normalized structure;
adding the generalized query to a query filter list; and
preventing execution of the target query based on a comparison with the query filter list.