A Countermeasure to SQL Injection Attack for Cloud Environment

被引：18

作者：

Wu, Tsu-Yang ^{[1
]}

Chen, Chien-Ming ^{[1
]}

Sun, Xiuyang ^{[1
]}

Liu, Shuai ^{[1
]}

Lin, Jerry Chun-Wei ^{[2
]}

机构：

[1] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, Shenzhen, Peoples R China

[2] Harbin Inst Technol, Shenzhen Grad Sch, Sch Comp Sci & Technol, IIIRC, Shenzhen, Peoples R China

来源：

WIRELESS PERSONAL COMMUNICATIONS | 2017年 / 96卷 / 04期

基金：

中国国家自然科学基金;

关键词：

Cloud computing; SQL injection attack; Network security; SECURITY;

D O I：

10.1007/s11277-016-3741-7

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Although cloud computing becomes a new computing model, a variety of security threats have been described. Among these threats, SQL injection attack (SQLIA) has received increasing attention recently. In the past, many researchers had proposed several methods to counter SQLIAs. However, these countermeasures of SQLIAs cannot be applied to cloud environments directly. In this paper, we propose a mechanism called CCSD (Cloud Computing SQLIA Detection) to detect SQLIAs. CCSD does not require any access to the application's source code. Hence, it can be directly applied to existing cloud environments. The experimental results demonstrate that CCSD has high accuracy, low false positive rates and low time consumption.

引用

页码：5279 / 5293

页数：15

共 50 条

[31] A BiLSTM Approach to Enhance the Accuracy of SQL Injection Attack Detection
Li, Junyi
2024 5TH INTERNATIONAL CONFERENCE ON COMPUTER ENGINEERING AND APPLICATION, ICCEA 2024, 2024, : 94 - 100
[32] SQL Injection Attack Prevention Based on Decision Tree Classification
Hanmanthu, B.
Ram, B. Raghu
Niranjan, P.
PROCEEDINGS OF 2015 IEEE 9TH INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEMS AND CONTROL (ISCO), 2015,
[33] Ensemble Machine Learning Approaches for Detection of SQL Injection Attack
Farooq, Umar
TEHNICKI GLASNIK-TECHNICAL JOURNAL, 2021, 15 (01): : 112 - 120
[34] A Top Web Security Vulnerability SQL Injection attack - Survey
Abirami, J.
Devakunchari, R.
Valliyammai, C.
2015 SEVENTH INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING (ICOAC), 2015,
[35] Prevention of SQL Injection Attack Using Query Transformation and Hashing
Kar, Debabrata
Panigrahi, Suvasini
PROCEEDINGS OF THE 2013 3RD IEEE INTERNATIONAL ADVANCE COMPUTING CONFERENCE (IACC), 2013, : 1317 - 1323
[36] SQL Injection Attack Detection Method using Expectation Criterion
Xiao, Linghuan
Matsumoto, Shinichi
Ishikawa, Tomohisa
Sakurai, Kouichi
2016 FOURTH INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING (CANDAR), 2016, : 649 - 654
[37] SQL Injection Attack Principles and Preventive Techniques for PHP Site
Zhang, Haiyan
Zhang, Xiao
PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND APPLICATION ENGINEERING (CSAE2018), 2018,
[38] An effective method for preventing SQL injection attack and session hijacking
D'silva, Karis
Vanajakshi, J.
Manjunath, K.N.
Prabhu, Srikanth
RTEICT 2017 - 2nd IEEE International Conference on Recent Trends in Electronics, Information and Communication Technology, Proceedings, 2017, 2018-January : 697 - 701
[39] Bulwark Against SQL Injection Attack-An Unified Approach
Madan, Sushila
Madan, Supriya
INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2010, 10 (05): : 305 - 313
[40] Defeating SQL injection attack in authentication security: an experimental study
Debasish Das
Utpal Sharma
D. K. Bhattacharyya
International Journal of Information Security, 2019, 18 : 1 - 22

← 1 2 3 4 5 →