Sum Keng Chung, O. C. Yee, M. Singh, Rohail Hassan
{"title":"电子学习系统的SQL注入攻击和会话劫持","authors":"Sum Keng Chung, O. C. Yee, M. Singh, Rohail Hassan","doi":"10.1109/I4CT.2014.6914201","DOIUrl":null,"url":null,"abstract":"E-learning enables acquisition of knowledge and information through technologies such as computers, smartphones, tablets and wide area networks. The existence of e-learning does contribute in the field of education field such as in the university because its improve the education quality and distributing and sharing of teaching material efficiently. However, due to the open-network in which e-learning tools resides, it is prone to various security attacks. In this paper, we will classify e-learning technology security based attacks into classification via active and passive attacks. Next, two major attacks which is the SQL injection attack and session hijacking is explored in-depth. Case study for each attack to investigate the vulnerabilities in e-learning system and mechanism of solutions to tackle this attack is also presented. An evaluation of the proposed solutions against the X.800 security architecture is done at the end of the study.","PeriodicalId":356190,"journal":{"name":"2014 International Conference on Computer, Communications, and Control Technology (I4CT)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"SQL injections attack and session hijacking on e-learning systems\",\"authors\":\"Sum Keng Chung, O. C. Yee, M. Singh, Rohail Hassan\",\"doi\":\"10.1109/I4CT.2014.6914201\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"E-learning enables acquisition of knowledge and information through technologies such as computers, smartphones, tablets and wide area networks. The existence of e-learning does contribute in the field of education field such as in the university because its improve the education quality and distributing and sharing of teaching material efficiently. However, due to the open-network in which e-learning tools resides, it is prone to various security attacks. In this paper, we will classify e-learning technology security based attacks into classification via active and passive attacks. Next, two major attacks which is the SQL injection attack and session hijacking is explored in-depth. Case study for each attack to investigate the vulnerabilities in e-learning system and mechanism of solutions to tackle this attack is also presented. An evaluation of the proposed solutions against the X.800 security architecture is done at the end of the study.\",\"PeriodicalId\":356190,\"journal\":{\"name\":\"2014 International Conference on Computer, Communications, and Control Technology (I4CT)\",\"volume\":\"45 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-10-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Conference on Computer, Communications, and Control Technology (I4CT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/I4CT.2014.6914201\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Computer, Communications, and Control Technology (I4CT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/I4CT.2014.6914201","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
SQL injections attack and session hijacking on e-learning systems
E-learning enables acquisition of knowledge and information through technologies such as computers, smartphones, tablets and wide area networks. The existence of e-learning does contribute in the field of education field such as in the university because its improve the education quality and distributing and sharing of teaching material efficiently. However, due to the open-network in which e-learning tools resides, it is prone to various security attacks. In this paper, we will classify e-learning technology security based attacks into classification via active and passive attacks. Next, two major attacks which is the SQL injection attack and session hijacking is explored in-depth. Case study for each attack to investigate the vulnerabilities in e-learning system and mechanism of solutions to tackle this attack is also presented. An evaluation of the proposed solutions against the X.800 security architecture is done at the end of the study.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
