publication . Article . 2017

Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications

Asish Kumar Dalai; Sanjay Kumar Jena;
Open Access English
  • Published: 01 Jan 2017 Journal: Security and Communication Networks (issn: 1939-0114, eissn: 1939-0122)
  • Publisher: Hindawi
Abstract
Reports on web application security risks show that SQL injection is the topmost vulnerability. The move from static to dynamic web pages led to the use of databases in web applications. Due to the lack of secure coding techniques, SQL injection vulnerabilities prevail in a large set of web applications. A successful SQL injection attack poses a serious threat to the database, the web application, and the entire web server. In this article, the authors propose a novel method for the prevention of SQL injection attacks. SQL injection attacks have been classified based on the methods used to exploit this vulnerability. The proposed method proves to...
Subjects
acm: Data_MISCELLANEOUS, InformationSystems_DATABASEMANAGEMENT
free text keywords: Technology (General), Science (General), Q1-390, T1-995, Article Subject