A Countermeasure to SQL Injection Attack for Cloud Environment

被引：18

作者：

Wu, Tsu-Yang ^{[1
]}

Chen, Chien-Ming ^{[1
]}

Sun, Xiuyang ^{[1
]}

Liu, Shuai ^{[1
]}

Lin, Jerry Chun-Wei ^{[2
]}

机构：

[1] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, Shenzhen, Peoples R China

[2] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, IIIRC, Shenzhen, Peoples R China

来源：

WIRELESS PERSONAL COMMUNICATIONS | 2017年 / 96卷 / 04期

基金：

中国国家自然科学基金;

关键词：

Cloud computing; SQL injection attack; Network security; SECURITY;

D O I：

10.1007/s11277-016-3741-7

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Although cloud computing becomes a new computing model, a variety of security threats have been described. Among these threats, SQL injection attack (SQLIA) has received increasing attention recently. In the past, many researchers had proposed several methods to counter SQLIAs. However, these countermeasures of SQLIAs cannot be applied to cloud environments directly. In this paper, we propose a mechanism called CCSD (Cloud Computing SQLIA Detection) to detect SQLIAs. CCSD does not require any access to the application's source code. Hence, it can be directly applied to existing cloud environments. The experimental results demonstrate that CCSD has high accuracy, low false positive rates and low time consumption.

引用

页码：5279 / 5293

页数：15

共 50 条

[1] A Countermeasure to SQL Injection Attack for Cloud Environment
Tsu-Yang Wu
Chien-Ming Chen
Xiuyang Sun
Shuai Liu
Jerry Chun-Wei Lin
Wireless Personal Communications, 2017, 96 : 5279 - 5293
[2] Detection Method of SQL injection Attack in Cloud Computing Environment
Wang, Kuisheng
Hou, Yan
PROCEEDINGS OF 2016 IEEE ADVANCED INFORMATION MANAGEMENT, COMMUNICATES, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (IMCEC 2016), 2016, : 487 - 493
[3] An old risk in the new era: SQL injection in cloud environment
Fu Xiao
Wang Zhijian
Wang Meiling
Chen Ning
Zhu Yue
Zhang Lei
Wang Pei
Cao Xiaoning
INTERNATIONAL JOURNAL OF GRID AND UTILITY COMPUTING, 2021, 12 (01) : 43 - 54
[4] Modeling a SQL Injection Attack
Kaur, Navdeep
Kaur, Parminder
PROCEEDINGS OF THE 10TH INDIACOM - 2016 3RD INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT, 2016, : 77 - 82
[5] Detection Model for SQL Injection Attack: An Approach for Preventing a Web Application from the SQL Injection Attack
Buja, Geogiana
Bin Abd Jalil, Kamarularifin
Ali, Fakariah Bt Hj Mohd
Rahman, Teh Faradilla Abdul
2014 IEEE SYMPOSIUM ON COMPUTER APPLICATIONS AND INDUSTRIAL ELECTRONICS (ISCAIE), 2014,
[6] A Multilevel System to Mitigate DDoS, Brute force and SQL Injection Attack for Cloud Security
Patil, Ajit
Athawale, S. V.
Tathawade, Priya
Laturkar, Aishwarya
Takale, Rutuja
2017 IEEE INTERNATIONAL CONFERENCE ON INFORMATION, COMMUNICATION, INSTRUMENTATION AND CONTROL (ICICIC), 2017,
[7] SQL Filtering: An Effective Technique to Prevent SQL Injection Attack
Dubey, Rhythm
Gupta, Himanshu
2016 5TH INTERNATIONAL CONFERENCE ON RELIABILITY, INFOCOM TECHNOLOGIES AND OPTIMIZATION (TRENDS AND FUTURE DIRECTIONS) (ICRITO), 2016, : 312 - 317
[8] Analysis and implementation of SQL injection attack and countermeasures using SQL injection prevention techniques
Jesudoss, A.
Mercy, Theresa M.
Christy, A.
Maheswari, M.
Selvi, M.
Ulagamuthalvi, V
INTERNATIONAL JOURNAL OF ENGINEERING SYSTEMS MODELLING AND SIMULATION, 2022, 13 (04) : 262 - 267
[9] SQL injection attack and guard technical research
Xue Ping-Chen
CEIS 2011, 2011, 15
[10] SQL injection attack: Detection, prioritization & prevention
Paul, Alan
Sharma, Vishal
Olukoya, Oluwafemi
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2024, 85

← 1 2 3 4 5 →