Evaluation of SQL Injection Detection and Prevention Techniques

被引:17
|
作者
Tajpour, Atefeh [1 ]
Shooshtari, Mohammad JorJor Zade [1 ]
机构
[1] Univ Technol Malaysia, Ctr Adv Software Engn CASE, Kuala Lumpur, Malaysia
来源
2010 SECOND INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE, COMMUNICATION SYSTEMS AND NETWORKS (CICSYN) | 2010年
关键词
SQL Injection Attacks; detection; prevention; evaluation; technique;
D O I
10.1109/CICSyN.2010.55
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Database driven web application are threaten by SQL Injection Attacks (SQLIAs) because this type of attack can compromise confidentiality and integrity of information in databases. Actually, an attacker intrudes to the web application database and consequently, access to data. For stopping this type of attack different approaches have been proposed by researchers but they are not enough because usually they have limitations. Indeed, some of these approaches have not implemented yet and also most of implemented approaches cannot stop all type of attacks. In this paper all type of SQL injection attack and also different approaches which can detect or prevent them are presented. Finally we evaluate these approaches against all types of SQL injection attacks and deployment requirements.
引用
收藏
页码:216 / 221
页数:6
相关论文
共 50 条
  • [1] A Taxonomy of SQL Injection Detection and Prevention Techniques
    Sadeghian, Amirmohammad
    Zamani, Mazdak
    Abd Manaf, Azizah
    [J]. 2013 INTERNATIONAL CONFERENCE ON INFORMATICS AND CREATIVE MULTIMEDIA (ICICM), 2013, : 53 - 56
  • [2] A Survey on SQL Injection Attacks, Detection and Prevention Techniques
    Kumar, Puspendra
    Pateriya, R. K.
    [J]. 2012 THIRD INTERNATIONAL CONFERENCE ON COMPUTING COMMUNICATION & NETWORKING TECHNOLOGIES (ICCCNT), 2012,
  • [3] A systematic review of detection and prevention techniques of SQL injection attacks
    Nasereddin, Mohammed
    ALKhamaiseh, Ashaar
    Qasaimeh, Malik
    Al-Qassas, Raad
    [J]. INFORMATION SECURITY JOURNAL, 2023, 32 (04): : 252 - 265
  • [4] LsSQLIDP : Literature survey on SQL injection detection and prevention techniques
    Varshney, Karishma
    Ujjwal, R. L.
    [J]. JOURNAL OF STATISTICS & MANAGEMENT SYSTEMS, 2019, 22 (02): : 257 - 269
  • [5] Evaluation of Various Techniques for SQL Injection Attack Detection
    Choras, Michal
    Kozik, Rafal
    [J]. PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON COMPUTER RECOGNITION SYSTEMS CORES 2013, 2013, 226 : 753 - 762
  • [6] A survey on SQL injection attacks, detection and prevention techniques – a tertiary study
    Hallo, María
    Suntaxi, Gabriela
    [J]. International Journal of Security and Networks, 2022, 17 (03) : 193 - 202
  • [7] Detection and prevention of SQL injection attacks
    Halfond, William G. J.
    Orso, Alessandro
    [J]. MALWARE DETECTION, 2007, : 85 - +
  • [8] Discussion on the detection and prevention of SQL injection
    Zhang, Xingzhong
    Zhang, Xiaojie
    [J]. APPLICATIONS OF ENGINEERING MATERIALS, PTS 1-4, 2011, 287-290 : 3047 - 3050
  • [9] Analysis and implementation of SQL injection attack and countermeasures using SQL injection prevention techniques
    Jesudoss, A.
    Mercy, Theresa M.
    Christy, A.
    Maheswari, M.
    Selvi, M.
    Ulagamuthalvi, V
    [J]. INTERNATIONAL JOURNAL OF ENGINEERING SYSTEMS MODELLING AND SIMULATION, 2022, 13 (04) : 262 - 267
  • [10] A Framework for the Detection and Prevention of SQL Injection Attacks
    Shafie, Emad
    Cau, Antonio
    [J]. PROCEEDINGS OF THE 11TH EUROPEAN CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2012, : 329 - 336
12345