• DocumentCode
    3343205
  • Title

    A survey of SQL injection defense mechanisms

  • Author

    Amirtahmasebi, K. ; Jalalinia, S.R. ; Khadem, S.

  • Author_Institution
    Chalmers Univ. of Technol., Goteborg, Sweden
  • fYear
    2009
  • fDate
    9-12 Nov. 2009
  • Firstpage
    1
  • Lastpage
    8
  • Abstract
    SQL injection attack (SQLIA) is a prevalent method which makes it possible for the attackers to gain direct access to the database and culminates in extracting sensitive information from the firm's database. In this survey, we have presented and analyzed six different SQL Injection prevention techniques which can be used for securing the data storage over the Internet. The survey starts by presenting variable normalization and will continue with AMNESIA, Prepared statements, SQL DOM, SQLrand and SQLIA prevention in stored procedures respectively.
  • Keywords
    database management systems; security of data; AMNESIA; Internet; SQL DOM; SQL injection defense mechanisms; SQLIA prevention; SQLrand; data storage security; database; variable normalization; Application software; Computer security; Data mining; Data security; Database systems; Internet; Law; Legal factors; Memory; Web pages;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Internet Technology and Secured Transactions, 2009. ICITST 2009. International Conference for
  • Conference_Location
    London
  • Print_ISBN
    978-1-4244-5647-5
  • Type

    conf

  • DOI
    10.1109/ICITST.2009.5402604
  • Filename
    5402604