Comparison of SQL injection detection and prevention techniques

2010 2nd International Conference on Education Technology and Computer Pub Date : 2010-06-22 DOI:10.1109/ICETC.2010.5529788
A. Tajpour, Maslin Massrum, Mohammad Zaman Heydari
{"title":"Comparison of SQL injection detection and prevention techniques","authors":"A. Tajpour, Maslin Massrum, Mohammad Zaman Heydari","doi":"10.1109/ICETC.2010.5529788","DOIUrl":null,"url":null,"abstract":"Database driven web application are threaten by SQL Injection Attacks (SQLIAs) because this type of attack can compromise confidentiality and integrity of information in databases. Actually, an attacker intrudes to the web application database and consequently, access to data. For stopping this type of attack different approaches have been proposed by researchers but they are not enough because most of implemented approaches cannot stop all type of attacks. In this paper all type of SQL injection attack and also different techniques which can detect or prevent them are presented. Finally we evaluate these approaches against all types of SQL injection attacks.","PeriodicalId":299461,"journal":{"name":"2010 2nd International Conference on Education Technology and Computer","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"42","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 2nd International Conference on Education Technology and Computer","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICETC.2010.5529788","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 42

Abstract

Database driven web application are threaten by SQL Injection Attacks (SQLIAs) because this type of attack can compromise confidentiality and integrity of information in databases. Actually, an attacker intrudes to the web application database and consequently, access to data. For stopping this type of attack different approaches have been proposed by researchers but they are not enough because most of implemented approaches cannot stop all type of attacks. In this paper all type of SQL injection attack and also different techniques which can detect or prevent them are presented. Finally we evaluate these approaches against all types of SQL injection attacks.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
SQL注入检测和预防技术的比较
数据库驱动的web应用程序受到SQL注入攻击(SQL Injection Attacks, sqlia)的威胁,因为这种类型的攻击会破坏数据库信息的机密性和完整性。实际上,攻击者入侵了web应用程序数据库,从而访问了数据。为了阻止这种类型的攻击,研究人员提出了不同的方法,但它们是不够的,因为大多数实现的方法不能阻止所有类型的攻击。本文介绍了各种类型的SQL注入攻击以及检测和防范SQL注入攻击的技术。最后,我们对这些方法针对所有类型的SQL注入攻击进行了评估。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
2010 2nd International Conference on Education Technology and Computer
2010 2nd International Conference on Education Technology and Computer
自引率
0.00%
发文量
0
期刊最新文献
A free-roaming mobile agent security protocol against colluded truncation attack Research on interesting-oriented open-practice education Data hiding by Exploiting Modification Direction technique using optimal pixel grouping Research of CAI courseware based on VRML An XML-based platform independent Integrated e-Learning System (IELS) for the rural and remote areas of developing countries
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1