Mazoon Hashil Al Rubaiei, Thuraiya Al Yarubi, Maiya Al Saadi, B. Kumar
{"title":"SQLIA Detection and Prevention Techniques","authors":"Mazoon Hashil Al Rubaiei, Thuraiya Al Yarubi, Maiya Al Saadi, B. Kumar","doi":"10.1109/SMART50582.2020.9336795","DOIUrl":null,"url":null,"abstract":"Structure Query Language Injection (SQLI) is one of the top most threat to web-based applications (Like e-commerce, banking, shopping, trading, blogs, etc.) which are connected to the database. The attacker has the ability to get full access and the full control of the database or the application and that drives to removing, modifying and changing significant data. This can be performed by the attacker when a sequence of malicious SQL statements are injected by the attacker into a query through an input that is not validated. Finding the proper solution to stop or mitigate the SQL injection is necessary due to the importance of security of web applications. Many researchers have studied SQLIA detection and prevention extensively and have proposed various methods. However, these techniques are not enough because usually, they have limitations cannot stop all type of attacks. This paper presents background study about classical types of SQLIA, detection and prevention techniques as well as evaluation of these approaches against those types of attacks.","PeriodicalId":129946,"journal":{"name":"2020 9th International Conference System Modeling and Advancement in Research Trends (SMART)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 9th International Conference System Modeling and Advancement in Research Trends (SMART)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SMART50582.2020.9336795","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Structure Query Language Injection (SQLI) is one of the top most threat to web-based applications (Like e-commerce, banking, shopping, trading, blogs, etc.) which are connected to the database. The attacker has the ability to get full access and the full control of the database or the application and that drives to removing, modifying and changing significant data. This can be performed by the attacker when a sequence of malicious SQL statements are injected by the attacker into a query through an input that is not validated. Finding the proper solution to stop or mitigate the SQL injection is necessary due to the importance of security of web applications. Many researchers have studied SQLIA detection and prevention extensively and have proposed various methods. However, these techniques are not enough because usually, they have limitations cannot stop all type of attacks. This paper presents background study about classical types of SQLIA, detection and prevention techniques as well as evaluation of these approaches against those types of attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
