Title :
A survey on SQL injection attacks, detection and prevention techniques
Author :
Kumar, Pranaw ; Pateriya, R.K.
Author_Institution :
Dept. of Comput. Sci. & Eng., Maulana Azad Nat. Inst. of Technol., Bhopal, India
Abstract :
SQL Injection poses a serious security issue over the Internet or over web application. In SQL injection attacks, hackers can take advantage of poorly coded Web application software to introduce malicious code into the organization´s systems and network. The vulnerability exists when a Web application do not properly filter or validate the entered data by a user on a Web page. Large Web applications have hundreds of places where users can input data, each of which can provide a SQL injection opportunity. Attacker can steal confidential data of the organization with these attacks resulting loss of market value of the organization. This paper presents an effective survey of SQL Injection attack, detection and prevention techniques.
Keywords :
Internet; SQL; security of data; Internet; SQL injection attacks; Web application; Web page; detection techniques; malicious code; prevention techniques; Conferences; Cryptography; Monitoring; Runtime; Software; XML; Detection; Dynamic analysis; Prevention; SQL Injection Attacks; Static Analysis;
Conference_Titel :
Computing Communication & Networking Technologies (ICCCNT), 2012 Third International Conference on
Conference_Location :
Coimbatore
DOI :
10.1109/ICCCNT.2012.6396096