Patent · US Active

Detecting malicious obfuscation in a SQL statement based on an effect and/or processed version thereof

US12301616B2 · kind B2 · utility

0Cited by

4References

20Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Michael MAKHLEVICH · Haifa, IL
Andrey KARPOVSKY · Kiryat Motzkin, IL
Fady NASER EL DEEN · Daliyat al-Karmel, IL

Key dates

Filing date	Jan 10, 2022
Grant date	May 13, 2025
Priority date	—
Expiry date	Jan 14, 2043

Classification

Technology area (CPC G)Physics
CPC primaryG06F40/205
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Techniques are described herein that are capable of detecting malicious obfuscation in a SQL statement based at least in part on an effect and/or processed version of the SQL statement. In a first example, a raw version of a SQL statement is compared to a processed version of the SQL statement. A determination is made that a command in the processed version is not included in the raw version. The raw version is detected to be malicious based at least in part on the determination. In a second example, a SQL statement is bound to an event that results from execution of the SQL statement. Textual content of the SQL statement and an effect of the event are compared. The SQL statement is detected to be malicious based at least in part on the effect of the event not being indicated by the textual content.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.