Universiti Teknologi Malaysia Institutional Repository

A taxonomy of SQL injection detection and prevention techniques

Sadeghian, Amirmohammad and Zamani, Mazdak and Abdul Manaf, Azizah (2013) A taxonomy of SQL injection detection and prevention techniques. In: international Conference on informatics and Creative Multimedia 2013 (ICICM2013). September 3-6, 2013, 2013, Kuala Lumpur.

Full text not available from this repository.

Abstract

While using internet for proposing online services is increasing every day, security threats in the web also increased dramatically. One of the most serious and dangerous web application vulnerabilities is SQL injection. SQL injection attack took place by inserting a portion of malicious SQL query through a non-validated input from the user into the legitimate query statement. Consequently database management system will execute these commands and it leads to SQL injection. A successful SQL injection attack interfere Confidentiality, Integrity and availability of information in the database. Based on the statistical researches this type of attack had a high impact on business. Finding the proper solution to stop or mitigate the SQL injection is necessary. To address this problem security researchers introduce different techniques to develop secure codes, prevent SQL injection attacks and detect them. In this paper we present a comprehensive review of different types of SQL injection detection and prevention techniques. We criticize strengths and weaknesses of each technique. Such a structural classification would further help other researchers to choose the right technique for the further studies.

Item Type:Conference or Workshop Item (Paper)
Subjects:Q Science > QA Mathematics > QA76 Computer software
Divisions:Advanced Informatics School
ID Code:39242
Deposited By: Liza Porijo
Deposited On:30 Jun 2014 08:14
Last Modified:19 Sep 2017 08:46

Repository Staff Only: item control page