{"title":"SQL注入攻击、检测和预防技术综述","authors":"P. Kumar, R. Pateriya","doi":"10.1109/ICCCNT.2012.6396096","DOIUrl":null,"url":null,"abstract":"SQL Injection poses a serious security issue over the Internet or over web application. In SQL injection attacks, hackers can take advantage of poorly coded Web application software to introduce malicious code into the organization's systems and network. The vulnerability exists when a Web application do not properly filter or validate the entered data by a user on a Web page. Large Web applications have hundreds of places where users can input data, each of which can provide a SQL injection opportunity. Attacker can steal confidential data of the organization with these attacks resulting loss of market value of the organization. This paper presents an effective survey of SQL Injection attack, detection and prevention techniques.","PeriodicalId":364589,"journal":{"name":"2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2012-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"62","resultStr":"{\"title\":\"A survey on SQL injection attacks, detection and prevention techniques\",\"authors\":\"P. Kumar, R. Pateriya\",\"doi\":\"10.1109/ICCCNT.2012.6396096\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"SQL Injection poses a serious security issue over the Internet or over web application. In SQL injection attacks, hackers can take advantage of poorly coded Web application software to introduce malicious code into the organization's systems and network. The vulnerability exists when a Web application do not properly filter or validate the entered data by a user on a Web page. Large Web applications have hundreds of places where users can input data, each of which can provide a SQL injection opportunity. Attacker can steal confidential data of the organization with these attacks resulting loss of market value of the organization. This paper presents an effective survey of SQL Injection attack, detection and prevention techniques.\",\"PeriodicalId\":364589,\"journal\":{\"name\":\"2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"62\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCCNT.2012.6396096\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT'12)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCNT.2012.6396096","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A survey on SQL injection attacks, detection and prevention techniques
SQL Injection poses a serious security issue over the Internet or over web application. In SQL injection attacks, hackers can take advantage of poorly coded Web application software to introduce malicious code into the organization's systems and network. The vulnerability exists when a Web application do not properly filter or validate the entered data by a user on a Web page. Large Web applications have hundreds of places where users can input data, each of which can provide a SQL injection opportunity. Attacker can steal confidential data of the organization with these attacks resulting loss of market value of the organization. This paper presents an effective survey of SQL Injection attack, detection and prevention techniques.