• DocumentCode
    3015202
  • Title

    SQLStor: Blockage of stored procedure SQL injection attack using dynamic query structure validation

  • Author

    Mamadhan, S. ; Manesh, T. ; Paul, Varghese

  • Author_Institution
    Dept. of CS, Adi Shankara Inst. of Eng. & Technol., Kalady, India
  • fYear
    2012
  • fDate
    27-29 Nov. 2012
  • Firstpage
    240
  • Lastpage
    245
  • Abstract
    Web applications are becoming an important part of our daily life. So attacks against them also increases rapidly. Of these attacks, a major role is held by SQL injection attacks (SQLIA). This paper proposes a new method for preventing SQL injection attacks in JSP web applications. The basic idea is to check before execution, the intended structure of the SQL query. For this we use semantic comparison. This method prevents different kinds of injection attacks including stored procedure attack which is more difficult and less considered in the literature.
  • Keywords
    Internet; SQL; security of data; JSP Web applications; SQL query; SQLIA; SQLStor; dynamic query structure validation; stored procedure SQL injection attack blockage; Databases; Electronic mail; Intelligent systems; Reactive power; Semantics; Servers; Syntactics; Arraylist; Parse Tree; SQL injection; Semantics; Web application;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligent Systems Design and Applications (ISDA), 2012 12th International Conference on
  • Conference_Location
    Kochi
  • ISSN
    2164-7143
  • Print_ISBN
    978-1-4673-5117-1
  • Type

    conf

  • DOI
    10.1109/ISDA.2012.6416544
  • Filename
    6416544
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3015202