A taxonomy of SQL injection detection and prevention techniques
While the use of the internet to offer online services is increasing every day, security threats on the web have also increased dramatically. One of the most serious and dangerous web application vulnerabilities is SQL injection. An SQL injection attack takes place by inserting a portion of a malicious SQL query t...
Main Authors: | Sadeghian, Amirmohammad; Zamani, Mazdak; Abdul Manaf, Azizah |
---|---|
Format: | Conference or Workshop Item |
Published: | 2013 |
Subjects: | QA76 Computer software |
Online Access: | http://eprints.utm.my/id/eprint/39242/ |
id |
my.utm.39242 |
---|---|
record_format |
eprints |
spelling |
my.utm.39242 2017-09-19T08:46:07Z http://eprints.utm.my/id/eprint/39242/ A taxonomy of SQL injection detection and prevention techniques Sadeghian, Amirmohammad Zamani, Mazdak Abdul Manaf, Azizah QA76 Computer software 2013 Conference or Workshop Item PeerReviewed Sadeghian, Amirmohammad and Zamani, Mazdak and Abdul Manaf, Azizah (2013) A taxonomy of SQL injection detection and prevention techniques. In: International Conference on Informatics and Creative Multimedia 2013 (ICICM2013). September 3-6, 2013, 2013, Kuala Lumpur. |
institution |
Universiti Teknologi Malaysia |
building |
UTM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Malaysia |
content_source |
UTM Institutional Repository |
url_provider |
http://eprints.utm.my/ |
topic |
QA76 Computer software |
description |
While the use of the internet to offer online services is increasing every day, security threats on the web have also increased dramatically. One of the most serious and dangerous web application vulnerabilities is SQL injection. An SQL injection attack takes place by inserting a portion of a malicious SQL query through a non-validated input from the user into the legitimate query statement. Consequently, the database management system executes these commands, which leads to SQL injection. A successful SQL injection attack interferes with the confidentiality, integrity and availability of information in the database. According to statistical research, this type of attack has had a high impact on business. Finding a proper solution to stop or mitigate SQL injection is necessary. To address this problem, security researchers have introduced different techniques to develop secure code, prevent SQL injection attacks and detect them. In this paper we present a comprehensive review of different types of SQL injection detection and prevention techniques. We criticize the strengths and weaknesses of each technique. Such a structural classification would further help other researchers to choose the right technique for further studies. |
format |
Conference or Workshop Item |
author |
Sadeghian, Amirmohammad Zamani, Mazdak Abdul Manaf, Azizah |
title |
A taxonomy of SQL injection detection and prevention techniques |
publishDate |
2013 |
url |
http://eprints.utm.my/id/eprint/39242/ |