Title :
SQL injection detection and prevention tools assessment
Author :
Tajpour, Atefeh ; Masrom, Maslin ; Heydari, Mohammad Zaman ; Ibrahim, Suhaimi
Author_Institution :
CASE Center, Univ. Technol. Malaysia, Kuala Lumpur, Malaysia
Abstract :
SQL Injection Attacks (SQLIAs) is one of the most serious threats to the security of database driven applications. In fact, it allows an attacker to gain control over the database of an application and consequently, an attacker may be able to alter data. Many surveys have addressed this problem. Also some researchers have proposed different approaches to detect and prevent this vulnerability but they are not successful completely. Moreover, some of these approaches have not implemented yet and users would be confused in choosing an appropriate tool. In this paper we present all SQL injection attack types and also different tools which can detect or prevent these attacks. Finally we assessed addressing all SQL injection attacks type among current tools.
Keywords :
SQL; database languages; SQL injection attack; SQL injection detection; Structured Query Language; database driven application; gain control; prevention tool assessment; SQL Injection Attacks; assessment; detection; prevention; tool;
Conference_Titel :
Computer Science and Information Technology (ICCSIT), 2010 3rd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5537-9
DOI :
10.1109/ICCSIT.2010.5563777
