Title :
Comparison of SQL injection detection and prevention techniques
Author :
Tajpour, Atefeh ; Massrum, Maslin ; Heydari, Mohammad Zaman
Author_Institution :
Center for Adv. Software Eng., Univ. Technol. Malaysia, Kuala Lumpur, Malaysia
Abstract :
Database driven web application are threaten by SQL Injection Attacks (SQLIAs) because this type of attack can compromise confidentiality and integrity of information in databases. Actually, an attacker intrudes to the web application database and consequently, access to data. For stopping this type of attack different approaches have been proposed by researchers but they are not enough because most of implemented approaches cannot stop all type of attacks. In this paper all type of SQL injection attack and also different techniques which can detect or prevent them are presented. Finally we evaluate these approaches against all types of SQL injection attacks.
Keywords :
SQL; Web services; data integrity; database management systems; security of data; SQL injection attack; SQL injection detection; SQL injection prevention; database driven Web application; information integrity; structural query language; Application software; Books; Computer science education; Database languages; Educational technology; Engineering management; Logic; Shape; Software engineering; Technology management; SQL Injection Attacks; detection; prevention;
Conference_Titel :
Education Technology and Computer (ICETC), 2010 2nd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-6367-1
DOI :
10.1109/ICETC.2010.5529788
