sqld

package

v0.2.2 Latest Latest Go to latest Published: Feb 12, 2024 License: BSD-3-Clause Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/AiRISTAFlowInc/fs-microgateway

README ¶

SQL Detector

The sqld service type implements SQL injection attack detection. Regular expressions and a GRU recurrent neural network are used to detect SQL injection attacks.

The available service settings are as follows:

Name	Type	Description
file	string	An optional file name for custom neural network weights

The available input for the request are as follows:

Name	Type	Description
payload	JSON object	A payload to do SQL injection attack detection on

The available response outputs are as follows:

Name	Type	Description
attack	number	The probability that the payload is a SQL injection attack
attackValues	JSON object	The SQL injection attack probability for each string in the payload

A sample service definition is:

{
  "name": "SQLSecurity",
  "description": "Look for sql injection attacks",
  "ref": "github.com/AiRISTAFlowInc/fs-microgateway/activity/sqld"
}

An example step that invokes the above SQLSecurity service using payload is:

{
  "service": "SQLSecurity",
  "input": {
    "payload": "=$.payload"
  }
}

Utilizing the response values can be seen in a response handler:

{
  "if": "$.SQLSecurity.outputs.attack > 80",
  "error": true,
  "output": {
    "code": 403,
    "data": {
      "error": "hack attack!",
      "attackValues": "=$.SQLSecurity.outputs.attackValues"
    }
  }
}

Documentation ¶

Index ¶

func New(ctx activity.InitContext) (activity.Activity, error)
type Activity
- func (a *Activity) Eval(ctx activity.Context) (done bool, err error)
- func (a *Activity) Metadata() *activity.Metadata
type Input
- func (r *Input) FromMap(values map[string]interface{}) error
- func (r *Input) ToMap() map[string]interface{}
type Output
- func (o *Output) FromMap(values map[string]interface{}) error
- func (o *Output) ToMap() map[string]interface{}
type Settings

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New(ctx activity.InitContext) (activity.Activity, error)

Types ¶

type Activity ¶

type Activity struct {
	Maker *injectsec.DetectorMaker
}

Activity is a SQL injection attack detector

func (*Activity) Eval ¶

func (a *Activity) Eval(ctx activity.Context) (done bool, err error)

Eval executes the activity

func (*Activity) Metadata ¶

func (a *Activity) Metadata() *activity.Metadata

Metadata return the metadata for the activity

type Input ¶

type Input struct {
	Payload map[string]interface{} `md:"payload,required"`
}

func (*Input) FromMap ¶

func (r *Input) FromMap(values map[string]interface{}) error

func (*Input) ToMap ¶

func (r *Input) ToMap() map[string]interface{}

type Output ¶

type Output struct {
	Attack       float32                `md:"attack"`
	AttackValues map[string]interface{} `md:"attackValues"`
}

func (*Output) FromMap ¶

func (o *Output) FromMap(values map[string]interface{}) error

func (*Output) ToMap ¶

func (o *Output) ToMap() map[string]interface{}

type Settings ¶

type Settings struct {
	File string `md:"file"`
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
examples
api
injectsec
cmd/injectsec_train
data
gru

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL