首页    期刊浏览 2024年11月30日 星期六
登录注册

文章基本信息

  • 标题:Prevention of SQL Injection Attack on Web Applications
  • 本地全文:下载
  • 作者:Shakti Kumar ; Subhendu Dey ; R.Karthikeyan
  • 期刊名称:International Journal of Innovative Research in Computer and Communication Engineering
  • 印刷版ISSN:2320-9798
  • 电子版ISSN:2320-9801
  • 出版年度:2015
  • 卷号:3
  • 期号:3
  • DOI:10.15680/ijircce.2015.0303129
  • 出版社:S&S Publications
  • 摘要:SQL injection is a technique where the attacker injects an input in the query in order to change thestructure of the query intended by the programmer and gaining the access of the database which results modification ofthe user‘s data. In the SQL injection it exploits a security vulnerability of data occurring in database layer of anapplication. SQL injection attack is the most common attack in websites in these days. Some malicious codes getinjected to the database by unauthorized users and get the access of the database due to lack of input validation. Inputvalidation is the most critical part of software security that is not properly covered in the design phase of softwaredevelopment life-cycle resulting in many security vulnerabilities. This paper presents the techniques for detection andprevention of SQL injection attack. There are no full proof defences available against such type of attacks. In this papersome predefined method of detection and modern techniques are discussed. This paper also describes countermeasuresof SQL injection..
  • 关键词:Web Application; SQLIA; detection; prevention; vulnerabilities; and web architecture
国家哲学社会科学文献中心版权所有