SQL Injection Detection and Prevention Tools Assessment

被引:0
|
作者
Tajpour, Atefeh [1 ]
Heydari, Mohammad Zaman [2 ]
Masrom, Maslin [1 ]
Ibrahim, Suhaimi [1 ]
机构
[1] Univ Technol Malaysia, CASE Ctr, Kuala Lumpur, Malaysia
[2] UCSI Univ Kuala Lumpur, IT & Management Dep, Kuala Lumpur, Malaysia
来源
PROCEEDINGS OF 2010 3RD IEEE INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGY, VOL 9 (ICCSIT 2010) | 2010年
关键词
SQL Injection Attacks; detection; prevention; tool; assessment;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
SQL Injection Attacks (SQLIAs) is one of the most serious threats to the security of database driven applications. In fact, it allows an attacker to gain control over the database of an application and consequently, an attacker may be able to alter data. Many surveys have addressed this problem. Also some researchers have proposed different approaches to detect and prevent this vulnerability but they are not successful completely. Moreover, some of these approaches have not implemented yet and users would be confused in choosing an appropriate tool. In this paper we present all SQL injection attack types and also different tools which can detect or prevent these attacks. Finally we assessed addressing all SQL injection attacks type among current tools.
引用
收藏
页码:518 / 522
页数:5
相关论文
共 50 条
  • [1] SQL Injection Detection and Prevention Tools Assessment
    Tajpour, Atefeh
    Masrom, Maslin
    Heydari, Mohammad Zama
    Ibrahim, Suhaimi
    [J]. PROCEEDINGS OF THE 2014 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN), 2014, : 730 - 731
  • [2] Detection and prevention of SQL injection attacks
    Halfond, William G. J.
    Orso, Alessandro
    [J]. MALWARE DETECTION, 2007, : 85 - +
  • [3] Discussion on the detection and prevention of SQL injection
    Zhang, Xingzhong
    Zhang, Xiaojie
    [J]. APPLICATIONS OF ENGINEERING MATERIALS, PTS 1-4, 2011, 287-290 : 3047 - 3050
  • [4] Evaluation of SQL Injection Detection and Prevention Techniques
    Tajpour, Atefeh
    Shooshtari, Mohammad JorJor Zade
    [J]. 2010 SECOND INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE, COMMUNICATION SYSTEMS AND NETWORKS (CICSYN), 2010, : 216 - 221
  • [5] A Framework for the Detection and Prevention of SQL Injection Attacks
    Shafie, Emad
    Cau, Antonio
    [J]. PROCEEDINGS OF THE 11TH EUROPEAN CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2012, : 329 - 336
  • [6] A Taxonomy of SQL Injection Detection and Prevention Techniques
    Sadeghian, Amirmohammad
    Zamani, Mazdak
    Abd Manaf, Azizah
    [J]. 2013 INTERNATIONAL CONFERENCE ON INFORMATICS AND CREATIVE MULTIMEDIA (ICICM), 2013, : 53 - 56
  • [7] SQL injection attack: Detection, prioritization & prevention
    Paul, Alan
    Sharma, Vishal
    Olukoya, Oluwafemi
    [J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2024, 85
  • [8] A Survey on SQL Injection Attacks, Detection and Prevention
    Hu, Jianwei
    Zhao, Wei
    Cui, Yanpeng
    [J]. ICMLC 2020: 2020 12TH INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND COMPUTING, 2018, : 483 - 488
  • [9] A Hybrid Method for Detection and Prevention of SQL Injection Attacks
    Ghafarian, Ahmad
    [J]. 2017 COMPUTING CONFERENCE, 2017, : 833 - 838
  • [10] Detection and Prevention of SQL Injection Attacks on Web Applications
    Fouad, Yasser
    Elshazly, Khaled
    [J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2013, 13 (08): : 1 - 7
12345