SQL injection detection and prevention techniques

Bibliographic Details
Main Authors: Tajpour, Atefeh, Ibrahim, Suhaimi, Masrom, Maslin
Format: Article
Published: IEEE 2011
Online Access: http://eprints.utm.my/id/eprint/29333/
https://www.scopus.com/record/display.uri?eid=2-s2.0-80052579658&origin=resultslist&sort=plf-f&src=s&st1
Description
Summary: SQL injection is a type of attack in which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. A SQL injection vulnerability allows an attacker to flow commands directly to a web application's underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability. In this paper we present SQL injection attack types and also current techniques which can detect or prevent these attacks. Finally, we evaluate these techniques.