• DocumentCode
    3077425
  • Title

    Preventing SQL injection attacks using negative tainting approach

  • Author

    Gadgikar, A.S.

  • Author_Institution
    Dept. of Comput. Eng., D.Y. Patil Coll. of Eng., Pune, India
  • fYear
    2013
  • fDate
    26-28 Dec. 2013
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    One of the major issues of web application security is SQL injection attacks, which gives attackers an unrestricted access to the database. Preventing SQL Injection attacks using negative tainting approach is an idea of incorporating the uniqueness of negative tainting with linked list structure. As most of the tools available today concentrates on positive tainting technique, less work has been done on negative tainting. So this approach has been chosen and it provides good response time for application programs where large databases are used. This system is able to stop most of the known successful attacks except stored procedures and character encoding attacks and generates very less (negligible) false positives.
  • Keywords
    SQL; security of data; SQL injection attack; Web application security; negative tainting approach; positive tainting; Computational intelligence; Conferences; Data mining; Databases; Runtime; Security; Servers; SQL Injection; negative tainting; positive tainting;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Intelligence and Computing Research (ICCIC), 2013 IEEE International Conference on
  • Conference_Location
    Enathi
  • Print_ISBN
    978-1-4799-1594-1
  • Type

    conf

  • DOI
    10.1109/ICCIC.2013.6724140
  • Filename
    6724140
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3077425