A survey on SQL injection attacks, detection and prevention techniques

Author

Kumar, Pranaw ; Pateriya, R.K.

Author_Institution

Dept. of Comput. Sci. & Eng., Maulana Azad Nat. Inst. of Technol., Bhopal, India

fYear

2012

fDate

26-28 July 2012

Firstpage

1

Lastpage

5

Abstract

SQL Injection poses a serious security issue over the Internet or over web application. In SQL injection attacks, hackers can take advantage of poorly coded Web application software to introduce malicious code into the organization´s systems and network. The vulnerability exists when a Web application do not properly filter or validate the entered data by a user on a Web page. Large Web applications have hundreds of places where users can input data, each of which can provide a SQL injection opportunity. Attacker can steal confidential data of the organization with these attacks resulting loss of market value of the organization. This paper presents an effective survey of SQL Injection attack, detection and prevention techniques.

Keywords

Internet; SQL; security of data; Internet; SQL injection attacks; Web application; Web page; detection techniques; malicious code; prevention techniques; Conferences; Cryptography; Monitoring; Runtime; Software; XML; Detection; Dynamic analysis; Prevention; SQL Injection Attacks; Static Analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

Computing Communication & Networking Technologies (ICCCNT), 2012 Third International Conference on

Conference_Location

Coimbatore

Type

conf

DOI

10.1109/ICCCNT.2012.6396096

Filename

6396096