Research of SQL injection attack and prevention technology | IEEE Conference Publication | IEEE Xplore


Abstract:

SQL injection is one of the most serious security vulnerabilities in Web application systems; most of these vulnerabilities are caused by a lack of input validation and of SQL parameter use. Typical SQL injection attacks and prevention technologies are introduced in the paper. The detection methods not only validate user input, but also use type-safe SQL parameters. A SQL injection defense model is established according to the detection processes and is effective against SQL injection vulnerabilities.
Date of Conference: 10-11 January 2015
Date Added to IEEE Xplore: 01 October 2015
Conference Location: Harbin

I. Introduction

SQL injection is an attack in which malicious code is embedded in strings that are later passed to the database backend for parsing and execution. The malicious data produces database query results and obtains sensitive information, such as account credentials or internal business data [1]. At present, a standard definition of the SQL injection technique is not yet fully established. Chris Anley discussed the various ways in which SQL could be injected into an application and resolved some of the data validation and database lockdown issues [2]. Because most web applications are associated with a database backend, SQL injection attacks on them are possible [3]. Through analysis of the principle of SQL injection attacks, a prevention method was proposed that provides double defense at the browser and server ends [4]. Jang exhibited a novel scheme that automatically transformed web applications, rendering them safe against SQL injection attacks [5].
