International Journal of Security and Its Applications, Volume (7), No (5), Year (2013-8) , Pages (53-66)

Title : ( A Simple and Fast Technique for Detection and Prevention of SQL Injection Attacks )

Authors: Zeinab Lashkaripour , Abbas Ghaemi Bafghi ,

Citation: BibTeX | EndNote

Abstract

uery intended by the programmer and therefore, gain access to the data in the underlying database. Due to the significance of the stored data, web application’s security against SQLIA is vital. In this paper we propose a new technique based on static analysis and runtime validation for detection and prevention of SQLIAs. In this technique user inputs in SQL queries are removed and some information is gathered in order to make the detection easier and faster at runtime. Our experiments show that our proposed technique is fast, it has a low error rate and its detection rate is nearly 100%.

Keywords

Web application; SQLIA; detection; prevention; static analysis; runtime validation; security
برای دانلود از شناسه و رمز عبور پرتال پویا استفاده کنید.

@article{paperid:1040049,
author = {Lashkaripour, Zeinab and Ghaemi Bafghi, Abbas},
title = {A Simple and Fast Technique for Detection and Prevention of SQL Injection Attacks},
journal = {International Journal of Security and Its Applications},
year = {2013},
volume = {7},
number = {5},
month = {August},
issn = {1738-9976},
pages = {53--66},
numpages = {13},
keywords = {Web application; SQLIA; detection; prevention; static analysis; runtime validation; security},
}

[Download]

%0 Journal Article
%T A Simple and Fast Technique for Detection and Prevention of SQL Injection Attacks
%A Lashkaripour, Zeinab
%A Ghaemi Bafghi, Abbas
%J International Journal of Security and Its Applications
%@ 1738-9976
%D 2013

[Download]