文章基本信息

标题：SQL Injection Detection Tools Advantages and Drawbacks
本地全文：下载
作者：Hazem M. Harb ; Derar Eleyan ; Amna Eleyan 等
期刊名称：International Journal of Wireless and Microwave Technologies(IJWMT)
印刷版ISSN：2076-1449
电子版ISSN：2076-9539
出版年度：2021
卷号：11
期号：3
页码：16-21
DOI：10.5815/ijwmt.2021.03.03
出版社：MECS Publisher
摘要：SQL injection attack is a major threat to web application security. It has been rated as one of the most dangerous vulnerabilities for a web-based application. Based on the Open Web Application Security Project (OWASP), it is measured as one of the top ten. Many types of research have been made to face this attack either by preventing the threat or at least detecting it. We aim in this paper to give an overview of the SQL injection (SQLI) attack and classify these attacks and prevention and detection tools. We introduce the most current techniques and tools that are used to prevent and detect SQLI and highlight their strengths and weaknesses.
关键词：SQLI; Web-based application; prevention and detection tools; Static analysis; Dynamic analysis